Security news
Security news16 November 2007
70% of businesses concerned about data leakage via email With half of employees admitting to sending email to the wrong person, firms are right to be worried
50% of computer users have accidentally sent a sensitive email to the wrong person.
Research conducted by IT security and control firm Sophos has revealed that 70 percent of businesses are concerned about sensitive material falling into the wrong hands as a result of data leakage via email.
A further 50 percent of employees admit to having accidentally sent an embarrassing or sensitive email to the wrong person from the workplace, demonstrating that email leakage is a very real concern. Sophos experts note that it can potentially cause corporate embarrassment, compliance breaches and the loss of business critical information.
Sophos experts note that there can also be a significant financial impact from data such as customer lists, engineering information, and financial statements falling into the wrong hands. Suffering economic loss is undoubtedly the most serious potential consequence of data leakage.
"As more and more business, and indeed personal interaction, is conducted via work email, the risk of slipping up and clicking send without double-checking the recipient's details is ever-growing," said Graham Cluley, senior technology consultant at Sophos. "The fact that as many as half of employees have experienced that heart-stopping moment when they realize that their message is hurtling towards the wrong person shows that the human error factor is too significant to ignore. Businesses would be wise to check that their email security solutions have the facility to prevent this from happening by identifying when sensitive data or attachments are contained in the message, and if they don't, to consider a more water-tight alternative."
Survey results
|
Are you worried about sensitive data leaking from your company via
email?
| ||||
| Yes |
|
|||
| No |
| |||
Sophos online survey, 200 respondents, November 2007.
|
Have you ever accidentally sent an embarrassing or sensitive
email to the wrong person from work?
| ||||
| Yes |
|
|||
| No |
| |||
Sophos online survey, 300 respondents, October 2007.
To combat the risk of leaked information, Sophos recommends that companies install an email security solution that enables them to scan messages for sensitive data and keywords, and that uses encryption to ensure that business critical emails are sent securely. Furthermore, an effective appliance will identify and block confidential attachments, including those that have had their file type altered by the sender. This will ensure that accidental email loss and leakage by malicious intent are both thwarted.
"The vast majority of data leakages via email are purely accidental, so companies that put a solid solution and security policy in place, and those that educate employees on responsible email use, will mitigate the risks and dramatically reduce the possibility of critical data loss," said Cluley.
Sophos has recently announced that its two email appliances, the ES1000 and ES4000, now enable companies to prevent data leakage via email, as well as continuing to block email-borne malware, unwanted applications and spam.
- Learn more about Sophos Email Appliances
- Download and listen to a Sophos podcast on data leakage prevention
- Read more about data leakage prevention and email compliance
Sophos recommends companies protect themselves with a consolidated solution which can control network access and defend against the threats of spam, hackers, spyware and viruses.
Disclaimer: Please bear in mind that this poll is not scientific and is provided for information purposes only. Sophos makes no guarantees about the accuracy of the results other than that they reflect the choices of the users who participated.
Download now
- USA number 1 for malware and spam
- Huge surge in email attachment attacks
- Scareware makes users buy bogus products
About Sophos
Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com
