Outsourcing risks data breaches
(4 March 2010 – Global) Research commissioned by software provider Compuware has revealed that outsourcing data to vendors and other third parties is one of the main causes of data breaches at financial institutions.
The research conducted by the Ponemon Institute indicated that there are six primary areas of vulnerability to privacy and data security at financial institutions; risk of data breach, diminishment of customer loyalty and trust, malicious or negligent insiders, risk of outsourcing confidential data to third parties, regulatory non-compliance, and ineffective privacy and information governance.
75 percent of senior staff surveyed, with security responsibility, said that negligent insiders were the number one reason for data breaches.
The second most common form of data security breach was the outsourcing of data to vendors and third parties, cited by 42 percent, followed by malicious insiders, 26 percent.
Of those surveyed 83 percent said they use real data in the development and testing of applications and a majority of these do not take appropriates steps to protect this confidential and sensitive information.
Only 56 percent have identity compliance procedures in place, while just 47 percent have intrusion detection systems.
Data loss protection technology is used by only 41 percent, while 88 percent still use social security numbers as a primary identifier.
75 percent of senior staff surveyed, with security responsibility, said that negligent insiders were the number one reason for data breaches.
The second most common form of data security breach was the outsourcing of data to vendors and third parties, cited by 42 percent, followed by malicious insiders, 26 percent.
Of those surveyed 83 percent said they use real data in the development and testing of applications and a majority of these do not take appropriates steps to protect this confidential and sensitive information.
Only 56 percent have identity compliance procedures in place, while just 47 percent have intrusion detection systems.
Data loss protection technology is used by only 41 percent, while 88 percent still use social security numbers as a primary identifier.
Subscribe