Data leaks top concern for corporate computer users

Cupertino, California-based Trend Micro Incorporated reported the other day that data leaks are becoming a leading source of headaches for U.S., U.K., German, and Japanese companies, according to the results of a study which explores corporate computer users’ perceptions of and experiences with security threats. The study, which surveyed 1,600 corporate end users in the United States, United Kingdom, Germany, and Japan, found that the loss of proprietary company data and information was ranked as the second most serious threat at work, following viruses. It was considered to be more serious than most other threats such as spam, spyware, and phishing. Many of those surveyed pointed the finger when it comes to corporate data leaks: While 6 percent of end users admitted to having leaked company information, 16 percent believe other employees caused data leaks. End users in the United States, United Kingdom, and Germany are more likely to admit to leaking company data, either intentionally or accidentally, than end users in Japan.

Respondents in the United States seem to believe they are slightly savvier when it comes to confidentiality — 74 percent of respondents say they know what type of company data is confidential and proprietary compared to 67 percent in the United Kingdom, 68 percent in Germany, and only 40 percent in Japan. On the other hand, end users of large companies in Japan are more aware of what type of company data is confidential compared to end users of smaller organizations. Mobile users are also more confident. In the United States, for example 79 percent of mobile end users say they know what is classified information compared to 69 percent of desktop computer users. The study also found that approximately 46 percent of companies do not currently have a policy to prevent data leaks. Companies in Germany and Japan are more likely than U.K. companies to implement data leak prevention policies. In all countries surveyed, large organizations are more likely to have preventative policies in place than small companies.

Among end users whose company currently has a policy to prevent data leakage, more U.S. end users (nearly 70 percent) report to have received training compared to the other countries, especially in the United Kingdom, where only 57 percent of end users said they received training. In all countries surveyed installation and use of security software are the most common actions taken to combat data leakage. “A majority of data leaks happen from within, either by accident or on purpose by valid users who have access to the data within a corporate network. This can trigger fines, litigation, brand damage and bad press so it’s no surprise that data leaks are becoming such an important issue for companies,” said Glen Kosaka, director of marketing for Trend Micro data leak prevention business unit. When it comes to conducting personal online activities on the company network, checking personal e-mail, and browsing Web sites unrelated to the job ranked high on the list. The survey found that while on the company network:

• U.K. end users are more likely to make personal purchases and visit social networking sites
• Japanese end users are significantly more likely to download executable files
• U.S. end users are significantly more likely to watch or listen to streaming media

Other findings include:

• More than half of end users (in all countries) who have been victims of spyware or phishing scams believe that their IT department could have prevented the incident
• U.K. and German users place less faith in the protection provided with their work PC than U.S. end users do, yet they are just as likely as U.S. end users to open suspicious emails or Web links