Asia's Source for Enterprise Network Knowledge

Friday, April 18th, 2014

Information security management

'Consumerization' of IT posing huge threats in enterprise

The entrance of consumer technologies inside the enterprise is posing real threats in IT systems, especially because most companies are not prepared, or do not have sufficient policies, for these new technologies, according to a recent survey by IT security firm Symantec.
 
The study also brought to light that 100% of respondents surveyed have indicated that they are extremely concerned with the loss of confidential/proprietary data. Despite this, 66% of the respondents have not implemented any form of DLP (data loss prevention) system.
 
“With the increasing ‘consumerisation of IT’ and mobility of employees, it is evident that many companies are still not adequately prepared nor equipped to deal with the growing popularity of Web2.0 tools. This creates security gaps in business processes, increasing the likelihood and extent of data loss threats,” said Unmesh Deshmukh, director, Endpoint Security Sales, Asia Pacific and Japan, Symantec.
 
The study found that the official use of consumer technology and social media tools has become prevalent in Singapore enterprises. The survey found that respondents are using social networking sites, like Facebook and LinkedIn (67%), Windows Live Messenger and Yahoo Messenger (33% respectively), blogs (33%) and micro-blogs, such as Twitter, (33%). As adoption and usage of such real-time communication tools continue to grow and flourish, enterprises are concerned about the security risks that they bring about. 100% of the respondents feel that social networking sites, blogs and podcasts pose as high security threats, and over 60% indicated likewise for instant messaging tools and micro-blogging.
 
Even though all surveyed respondents perceive social networking sites as high security threats, only 33% feel unprotected against it. Podcasts at 100% emerged as the top threat to the enterprise network, according to the survey. 67% and 33% of respondents have indicated that they feel unprotected using blogs and micro-blogging platforms, respectively. Despite these sentiments, a majority of Singapore enterprises remain unprepared and unprotected.
 
Remote Access
 
As employees become increasingly mobile, they need to access the corporate network remotely on personal devices. Organisations are empowering employees to access, modify and disseminate company information – often stored on the cloud – via their laptops or smartphones. Aligned with this trend, the study revealed that the number of endpoints in Singapore enterprises is growing, led by Windows-based laptops (66%) and smartphones (33%). Surprisingly, even as more smartphones are being deployed, only 33% of Singapore organisations have implemented standardised endpoint configurations for these devices. Overall, although 67% of respondents feel that employee-owned endpoints comprise security, only 33% have put in place integrated endpoint security processes. 66% of the organisations that participated in the survey indicated that they are planning or considering endpoint virtualisation for enhancing productivity and cost-savings.