Data security storm brewing

According to SailPoint’s Annual Market Pulse Survey, cloud applications and mobile devices are creating an unparalleled level of risk for enterprises in the UK. Alarmingly, the survey reveals that while enterprises are embracing – and in some instances mandating – these new technologies, they do not have IT controls in place to properly manage them, putting themselves at an increased risk of a security breach. In fact, in the last year, 52% of the respondents have experienced someone try to use company data or applications after they are no longer with the organisation and 46% have had at least one security breach.

  • Friday, 13th December 2013 Posted 11 years ago in by Phil Alsop

This increased threat profile has arisen as UK enterprises have fully embraced cloud and mobile: 75% of enterprises use cloud-based applications to support major business processes with 36% of businesses citing they have mission critical apps in the cloud and 57% saying they plan to put such applications in the cloud in the next three years. Cloud technologies are so advantageous that 49% of enterprises now require IT decision makers to evaluate cloud applications as part of every software procurement process.


When it comes to mobile, 79% of respondents allow employees to use their personal devices to access company data or applications at work whilst only 27% automatically remove such data when the employee leaves the organisation. Perhaps most worrying, 40%of respondents admitted to an inability to manage them as part of their identity and access management (IAM) strategy.


“It’s no question that cloud and mobile are here to stay. But considering that our survey found the lack of IT oversight that exists, now is the time for IT to regain control,” said Jackie Gilbert, CMO and founder of SailPoint.


“In a business climate where enterprises know former employees have tried to access applications or breach protocols, companies cannot ignore the need for a holistic approach to IAM. As more and more enterprises mandate the use of cloud applications and open up their network to personal apps and mobile devices they need to have automated controls in place to monitor and manage user access. The threats of data theft, sabotage and reputation damage are very real. In a cloud enabled, mobile dominated world IAM is the front line in combating these threats.”


The 2013 Market Pulse Survey shows the stress IT organisations face as UK enterprises attempt the difficult task of proactively managing and monitoring user access across the incredibly dynamic IT environments of today’s business world. While more than half of businesses say they are ‘very successful’ in meeting their initial IAM objectives, these new technologies are creating cracks in that foundation. Of this year’s survey respondents:


• 40% believe that its ‘just a matter of time’ before another security breach occurs while at they same time;
• 44% admit that employees have read or seen company documents that they should not have had access to; and
• 39% believe that employees within their organisation would be prepared to sell company data if offered the right price.


“While the survey found that these new technologies are adding to the risk, what is most concerning to me is that organisations are still struggling to get their identity house in order, regardless of whether it is managing access to key applications on-premises or in the cloud,” continued Gilbert. “The hard truth for most organisations is that they do not have the controls in place over their user access privileges to meet the rapid adoption of cloud and mobile and this is creating a huge hole in their defences. The headlines are littered with examples of what happens when these holes are exploited. As businesses rush to capitalize on the undoubted business improvements that cloud and mobile can offer, they need an IAM strategy that governs user access while still enabling high levels of productivity.”