Most Enterprises Unprotected Against E-mail Security Risks, Study Says

Given the prevalence of spam and the sensationalism that attends just about any incident of unauthorized data leakage, you'd think most shops would have taken steps to proactively protect against both threats.

According to a new survey from market watcher IDC -- sponsored by gateway security specialist Secure Computing Corp. -- you'd be wrong.

The IDC study collected responses from 100 IT pros (including security decision makers) employed by companies with 500 or more employees. It found that nearly three-quarters (72 percent) of organizations don't have solutions in place to prevent data leakage over e-mail.

What's more, IDC said, only slightly more than 10 percent of organizations have actually deployed effective anti-spam technologies. "Organizations need to increase their efforts in combating e-mail security risks," said Brian Burke, IDC's program director for security products, in a prepared release. "While organizations have expressed concern about inbound and outbound e-mail security, their current solutions are not getting the job done. Only 11 percent of those surveyed had adequate inbound protection, and over 70 percent have nothing in place for data loss prevention on e-mail. Such organizations need to take advantage of new solutions and delivery models."

Secure Computing markets a number of solutions to prevent such problems, but the IDC survey doesn't discuss specific vendors. Instead, it touts general technology prescriptions, such as cutting-edge anti-spam or data leakage prevention tools.

For example, 85 percent of respondents say they're "Very Concerned" or "Extremely Concerned" about data leakage over e-mail. In spite of this, IDC found, just over a quarter (28 percent) of shops have actually implemented technology solutions designed to safeguard against leakage -- although more than half said they planned to do so starting next year.

The scope of the problem is probably much bigger than many IT pros realize. According to IDC, the vast majority -- perhaps as much as 80 or 90 percent -- of data loss incidents are accidental. Most of the companies IDC surveyed seem to agree, rating the risk of accidental data leakage as higher than that of deliberate theft. Just 5 percent of respondents said they were "Extremely Concerned" about intentional theft from within, while 44 percent admitted being "Extremely Concerned" about accidental data loss.

According to IDC, more than a quarter (28 percent) of large shops say their spam complaints have increased significantly this year. The reason, IDC said, is that many of them rely on older technologies that can't keep pace with both the increasing volume and sophistication of spam attacks.

The good news, according to the report, is that today's most sophisticated tools can block almost 100 percent of unsolicited spam. The bad news, conversely, is that just 11 percent of shops have deployed solutions (or implemented policies) that meet this standard -- while nearly two-thirds (60 percent) say they can't even block 95 percent of spam communications. Given the ever-escalating volume and variety of spam, this means that more unsolicited e-mails, IMs and other communications are getting through than ever.

IDC concludes with a technology prescription: "Organizations must accelerate their adoption of next-generation e-mail security solutions. The cost of not doing so is increased malware infection through spam and increased data leakage."

About the Author

Stephen Swoyer is a Nashville, TN-based freelance journalist who writes about technology.


  • Microsoft Secure Score Hits General Availability

    Microsoft on Monday announced the general availability of the Microsoft Secure Score service within the Microsoft 365 Security Center portal.

  • 2020 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss. (Now updated with COVID-19-related event changes.)

  • Microsoft Teams Roadmap: Support for 1,000 Meeting Attendees, New Hardware

    Microsoft Teams is poised to receive a raft of new features in the coming months, many of them designed to make remote videoconferences feel more "natural."

  • The 2020 Microsoft Product Roadmap

    From the next major update to Windows 10 to the next generations of .NET and PowerShell, here's what's on tap from Microsoft this year.

RCP Update

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.