News

Most Enterprises Unprotected Against E-mail Security Risks, Study Says

Given the prevalence of spam and the sensationalism that attends just about any incident of unauthorized data leakage, you'd think most shops would have taken steps to proactively protect against both threats.

According to a new survey from market watcher IDC -- sponsored by gateway security specialist Secure Computing Corp. -- you'd be wrong.

The IDC study collected responses from 100 IT pros (including security decision makers) employed by companies with 500 or more employees. It found that nearly three-quarters (72 percent) of organizations don't have solutions in place to prevent data leakage over e-mail.

What's more, IDC said, only slightly more than 10 percent of organizations have actually deployed effective anti-spam technologies. "Organizations need to increase their efforts in combating e-mail security risks," said Brian Burke, IDC's program director for security products, in a prepared release. "While organizations have expressed concern about inbound and outbound e-mail security, their current solutions are not getting the job done. Only 11 percent of those surveyed had adequate inbound protection, and over 70 percent have nothing in place for data loss prevention on e-mail. Such organizations need to take advantage of new solutions and delivery models."

Secure Computing markets a number of solutions to prevent such problems, but the IDC survey doesn't discuss specific vendors. Instead, it touts general technology prescriptions, such as cutting-edge anti-spam or data leakage prevention tools.

For example, 85 percent of respondents say they're "Very Concerned" or "Extremely Concerned" about data leakage over e-mail. In spite of this, IDC found, just over a quarter (28 percent) of shops have actually implemented technology solutions designed to safeguard against leakage -- although more than half said they planned to do so starting next year.

The scope of the problem is probably much bigger than many IT pros realize. According to IDC, the vast majority -- perhaps as much as 80 or 90 percent -- of data loss incidents are accidental. Most of the companies IDC surveyed seem to agree, rating the risk of accidental data leakage as higher than that of deliberate theft. Just 5 percent of respondents said they were "Extremely Concerned" about intentional theft from within, while 44 percent admitted being "Extremely Concerned" about accidental data loss.

According to IDC, more than a quarter (28 percent) of large shops say their spam complaints have increased significantly this year. The reason, IDC said, is that many of them rely on older technologies that can't keep pace with both the increasing volume and sophistication of spam attacks.

The good news, according to the report, is that today's most sophisticated tools can block almost 100 percent of unsolicited spam. The bad news, conversely, is that just 11 percent of shops have deployed solutions (or implemented policies) that meet this standard -- while nearly two-thirds (60 percent) say they can't even block 95 percent of spam communications. Given the ever-escalating volume and variety of spam, this means that more unsolicited e-mails, IMs and other communications are getting through than ever.

IDC concludes with a technology prescription: "Organizations must accelerate their adoption of next-generation e-mail security solutions. The cost of not doing so is increased malware infection through spam and increased data leakage."

About the Author

Stephen Swoyer is a Nashville, TN-based freelance journalist who writes about technology.

Featured

  • Microsoft Appoints Althoff as New CEO for Commercial Business

    Microsoft CEO and chairman Satya Nadella on Wednesday announced the promotion of Judson Althoff to CEO of the company's commercial business, presenting the move as a response to the dramatic industrywide shifts caused by AI.

  • Broadcom Revamps VMware Partner Program Again

    Broadcom recently announced a significant update regarding its VMware Cloud Service Provider (VCSP) program, coinciding with the release of VMware Cloud Foundation (VCF) 9.0, a key component in Broadcom’s private cloud strategy.

  • Closeup of the new Copilot keyboard key

    Microsoft Updates Copilot To Add Context-Sensitive Agents to Teams, SharePoint

    Microsoft has rolled out a new public preview for collaborative "always on" agents in Microsoft 365 Copilot, bringing enhanced, context-aware tools into Teams channels, meetings, SharePoint sites, Planner workstreams and Viva Engage communities.

  • Windows 365 Cloud Apps Now Available for Public Preview

    Microsoft announced this week that Windows 365 Cloud Apps are now available for public preview. This aims to allow IT administrators to stream individual Windows applications from the cloud, removing the need to assign Cloud PCs to every user.