The number one threat to data security heading into 2013 continues to be human error, according to a study done by the Independent Oracle Users Group (IOUG) titled, “Closing the Security Gap: 2012 IOUG Enterprise Data Security Survey.”
Thirty-eight percent of data managers and professionals who responded saw human error as a high-level threat to operations, with internal hackers or unauthorized users in second place at 22 percent, abuse of privileges by IT staff at 13 percent and lack of management commitment to security at 12 percent. Only 11 percent of respondents saw outside hackers as their biggest problem.
Managing Big Data
The average company sees a massive increase in data as it grows, yet few are proactive about managing that growth and ensuring that employees understand how to properly handle the information coming in. That leads to human error and sensitive data being incorrectly managed.
The other major obstacle is a lack of understanding of the importance of data security (until it becomes a problem) by upper management, which leads to insufficient funding.
Despite the advanced encryption tools available in the marketplace, only 32 percent of IOUG study respondents could say that personally identifiable information (information such as customer social security numbers or credit card information) was encrypted across all databases.
Creating an additional threat is the proliferation of new user devices. Laptops, smartphones, and tablets have increased business efficiency — but not without adding their own risks.
Preventing A Security Breach
Solutions are available to help manage these threats—and the IOUG study showed that those who are proactive are far less likely to have a security breach.
Proactive tactics to prevent security lapses include:
- Setting up and enforcing company-wide data protocols for secure data.
- Regular internal audits and monitoring to ensure data is used in compliance with company protocols.
- Utilizing multi-factor authentication for both internal and remote data access.
- Encrypting sensitive data, including both company data (such as intellectual property and financial information) and customer data (such as credit card information and social security numbers).