So what are the facts? Well:
- 82% of C-level executives report that their company has experienced a data breach.
- 94% of C-level executives report that they have had their data attacked in the last 6 months.
- 60% of the employees that lost their job admitted of taking sensitive information from their former company for reselling by downloading onto CD or DVD (53%), on a USB key (42%) or as an attachment to a personal email account (38%).
Currently, many companies control access to IT systems and services with identity and access management products such as ‘Active Directory’, and while such products may be effective in a controlled environment, it should be clearly understood that within the complex reality of most organisations a number of problems can and will arise. One of the biggest issues is that as stand-alone products they often cannot protect information and data sufficiently from unauthorised access, and additional tools are needed to achieve this. For many, being ‘physically secure’ is mainly what protects the data. However, anybody with physical access to servers could also remove disks and install them in a different computer to gain access to the files and data contained on them.
“Data-Centric” security envisages a world where individual items of data are secured irrespective of where they are held, in a fashion that allows only the appropriate access to the appropriate person, wherever they are, and whenever they try to make access. Essentially, as the rights by the owners of data are variable, circumstances – not just off-the-shelf products – should dictate all actions relating to the security of these protected items.
A great place to check out more on this topic is with Boole Server. Alternatively, you can download this presentation from a partner/customer roundtable Alpha Data organised in Abu Dhabi earlier this week.