Research carried out recently by Voltage Security at the RSA conference in San Francisco has confirmed what most of us know, but many enterprises still have to take action on: the inability to access data is costing enterprises money, and specifically, according to this research, sales.
The results of the quick-fire questionnaire completed by 300 security professionals at the conference offers some insights that businesses should heed.
Poor Data Access
The survey consisted of 10 questions which quickly got to the heart of the matter -- most notably the costs incurred by ineffective data management.
The principal finding is that while on the one hand 40% of companies have missed a sales opportunity because employees were able to access the information they needed, on the other -- and of equal concern -- 46% were not prepared to lose the sale and bypassed security protocols to access sensitive information to close a deal.
In terms of security itself the findings present a mixed bag of ok and worrying conclusions: 85% believed that their security measures added to the value of their company, 40% say that it is implemented in a way that limits their ability to move information around.
The result is that more than half of those surveyed said that they aren’t getting access to the information they need with 40% saying that they just gave up on a project resulting in lost sales opportunities.
On top of that only 29% of organizations say that they would know if sensitive information as compromised while 40% said they would never notice. This is even more worrying as more than half of those questioned said they have access to financial, customer or HR information they didn’t really need -- putting potentially sensitive information at risk.
While Voltage clearly has an interest in these kinds of findings in that its business is security, the survey echoes what we have seen before: data management and security is problematic in many companies.
It is safe to assume that with the majority of people working for major organizations with more than 5,000 employees, the loss of a single deal can be detrimental to business and may well cause millions in damage … The results show that organizations employ an array of restricting security tools that struggle to make data available to the right people, though the fundamental issue of security remains…” said Dave Anderson, senior director, marketing, at Voltage Security.
To overcome these issues he recommends three different general steps:
- Data-security strategy: Enterprises need to develop a data strategy, not just one that is designed to protect a device, server, tape, disk or media
- Data Integration: Focus on integrating core data functions for all data including encryption, tokenization and data masking capabilities. Point products that are not integrated can be the source of insecurity.
- Data protection solutions: Only solutions that can protect both structured and unstructured data should be considered, especially with the explosion in the number of sources of unstructured data. Solutions should cover everything from legacy and mainframe to data in the cloud an on mobile.
Take all three together and what you get is the basis of a data information, management and security strategy. The overall picture that this is offering is that many enterprises do not have such a strategy and that it’s costing them potentially millions in sales.
If you are interested on more on data strategies, check out the interview below with Sathvik Krishnamurthy, President and CEO of Voltage Security