Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Perimeter

4/23/2013
05:56 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Survey: 91% Of People Trust Business To Keep Data Safe Despite Rise In Breaches

Varonis research reveals people take care to protect data but forget to get the basics right

NEW YORK, Apr. 23, 2013 – Research conducted by Varonis, the leading provider of comprehensive data governance software, has found that the vast majority of people expect businesses to protect their data - despite the high number of security breaches reported. The study found that while most respondents have good security practices, they still engage in high-risk behaviors that could enable hackers to breach their data.

The research[i] revealed that an overwhelming 91% of respondents assume businesses protect their personal data and online identities despite reported data breaches for 93% of large organizations and 87% of small businesses in 2013[ii]. Overall, the study shows that data security is highly valued: 97% are more willing to do business with a company that protects data and more than half (54%) would pay a premium if they feel a company is protecting their data.

The respondents exhibited several online security habits that would score fairly high on any security report card. The study found that 71% look at the fine print of end-user license agreements and terms of service. Mobile security is also high on their agenda, with more than three out of four (77%) password-protecting their phone, and almost half (47%) even using two-factor authentication for their personal email and online services.

Unfortunately, Varonis also found that there are some troubling bad habits. While respondents are dutifully password-protecting their phones, 61% always or frequently use the same password across multiple websites or applications - putting personal information across their accounts in danger. Two thirds of respondents (67%) admit to or suspect having sent unencrypted personal information to a business in an email.

David Gibson, Vice President at Varonis explained, "It is encouraging that people are seeking out companies that are better at securing their data - however, the vast number of breaches occurring on an almost daily basis indicates that businesses, just like individuals, are still struggling to get the basics right in securing their data."

Individuals need to focus on eliminating bad "digital" habits and take more control of their security. Businesses have their part to play by making sure IT departments implement basic security best practices.

For individual consumers:

1. Know where your personal information is, who can access it, and understand what service providers can do with your data without opt-out consent

2. Never send unencrypted personally identifiable information (PII) or other sensitive data – especially account numbers, credit card and social security numbers, and health information--in an email

3. Pick strong passwords--mix of upper and lower case, numeric, and special symbols--and use a unique password for each site – password managers are a big help with this

For IT departments:

1. Put basic controls around your sharable, cloud-based data by applying the 4 A's:

· Authentication: verify anyone accessing an account is who they claim to be – multi-factor is better

· Authorization: make sure employees only have access to the data they need

· Auditing: all access must be monitored

· Alert: analyze activity for potential abuse

2. Make sure employees use protected, authorized platforms

3. Focus on the balance between productivity and security--employees need a modern work experience that doesn't put organizational data at risk

To download the full privacy research report, visit http://info.varonis.com/privacy-and-trust

About Varonis

Varonis is the leader in unstructured and semi-structured data governance software. Based on patented technology and a highly accurate analytics engine, Varonis solutions give organizations total visibility and control over their data, ensuring that only the right users have access to the right data at all times from all devices, all use is monitored, and abuse is flagged.

Varonis makes digital collaboration secure, effortless and efficient so that people can create and share content easily with whom they must, and organizations can be confident their content is protected and managed efficiently.

Voted one of the "Fast 50 Reader Favorites" on FastCompany.com, and winner of the SC Magazine Innovation, Product or Service of the Year, and Best Network Security Awards, Varonis has more than 4,500 installations worldwide and is headquartered in New York, with regional offices in Europe, Asia and Latin America.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/3/2020
Pen Testers Who Got Arrested Doing Their Jobs Tell All
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/5/2020
New 'Nanodegree' Program Provides Hands-On Cybersecurity Training
Nicole Ferraro, Contributing Writer,  8/3/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15820
PUBLISHED: 2020-08-08
In JetBrains YouTrack before 2020.2.6881, the markdown parser could disclose hidden file existence.
CVE-2020-15821
PUBLISHED: 2020-08-08
In JetBrains YouTrack before 2020.2.6881, a user without permission is able to create an article draft.
CVE-2020-15823
PUBLISHED: 2020-08-08
JetBrains YouTrack before 2020.2.8873 is vulnerable to SSRF in the Workflow component.
CVE-2020-15824
PUBLISHED: 2020-08-08
In JetBrains Kotlin before 1.4.0, there is a script-cache privilege escalation vulnerability due to kotlin-main-kts cached scripts in the system temp directory, which is shared by all users by default.
CVE-2020-15825
PUBLISHED: 2020-08-08
In JetBrains TeamCity before 2020.1, users with the Modify Group permission can elevate other users' privileges.