Multiple Measures Required for Data Security, Aberdeen Report Says

Over the last 12 months, best-in-class organizations experienced 27% fewer data loss incidents than the industry average from trusted internal users, and 92% fewer data loss incidents attributed to malicious outsiders, according to a research report by Aberdeen Group, a Harte-Hanks company.

According to the report, titled "Data Loss Prevention: Little Leaks Sink the Ship," the risk of data loss comes from all types of data, including innumerable "channels" for potential leakage and from end-user behavior ranging from inadvertent, to well-determined, to malicious.

Strategies that focus on protecting against data loss in only one channel do not solve the overall problem. Organizations with top performance take an information-centric approach to protecting sensitive data, using a combination of network-based and endpoint-based solutions to prevent loss.

"The majority of data loss incidents are associated with simple human error, and by well-meaning employees going around policies in trying to carry out their jobs," said Derek E. Brink, vice president and research fellow for IT security at Aberdeen. "The most effective strategies for preventing data loss include a combination of enabling technologies, including data discovery and classification, data monitoring and filtering, and endpoint data protection."

A copy of the report can be obtained here.