Unsecured sensitive data discovered on 36% of Enterprise computers

A specialist risk-mitigation software vendor has seen a rise in the levels of risk it discovers when scanning computer networks in the enterprise & public sector for unsecured sensitive data and inappropriate images.

"We had expected to find an improved compliance culture, given the reputational & financial damage organisations face from any incident of data leakage or pornography in the workplace" said the CEO Colm Doherty, "but the human factor remains as an issue"

The company�s software was used to scan PCs, fileshares and e-mail accounts in more than 150 organisations. Despite a rise in regulatory compliance imperatives and investments made in network gateway controls, the company discovered disturbing levels of personal & sensitive data, leaving organisations open to potential ID fraud and intellectual property theft.

"We found suspected sensitive data on 46% of PCs, in 32% of e-mail accounts and 30% of server shares" says Andy Churley, Chief Marketing Officer, adding "We were concerned at the volume and nature of the material we found, including full credit card details, National Insurance & pension details and network logins & passwords. In most of the organisations scanned, we found more than enough material to perpetrate ID fraud and the constitute a significant loss of critical data such as financial information and intellectual property"

During the past year, they also saw a rise in the volumes of Inappropriate Images both stored & circulated within the enterprise and beyond it to external parties. Pornographic or inappropriate material was found on 28.5% of PCs in 2007, up from 25% in 2006 and in 14.4% of e-mail accounts, up from 12.4% in 2006.

"What�s interesting is that this issue persists, regardless of the significant investments made in content filtering and gateway controls in recent years", says Churley, adding "it just reinforces the need to know what is actually on your network, by conducting regular risk audits"

Audit figures point to high level of inappropriate and illegal images on corporate and pubic sector networks.

With a third of all images found created in the last 12 months it is clear that employees continue to ignore corporate policies and in some cases are going to extraordinary lengths to bypass protection systems to obtain and distribute inappropriate material. Boundary protection systems alone will not stop digital pornography from entering an organisation.