Security Experts:

Nearly Half of Business Data Outside the Firewall, Symantec Study Finds

The fortress walls organizations need to build around the data for security are getting larger, and do not stop at the data center.

According to a new study released by Symantec, almost half (46 percent) of all the data in many organizations is being stored outside the firewall. For small to midsized businesses (SMBs), the number is even higher, at 53 percent. The figures come from Symantec's 2012 State of Information Report, which takes on the issue of information sprawl and includes responses from executives at 4,506 organizations in 36 countries.

"Businesses are undergoing a transformation unlike anything we've seen before," said Francis deSouza, group president of Enterprise Products and Services for Symantec, in a statement. "With mobile devices and cloud giving employees access to information from nearly anywhere, we're also seeing more sensitive information living beyond the traditional IT boundaries. This is creating concern about how to best protect this information."

The growth of mobility has contributed to sprawl, with smartphones and tables storing 14 percent of business information globally for enterprises, according to Symantec. This number was particularly high in India, where it was 62 percent, and in Australia and New Zealand, where it was 46 percent. Globally, 23 percent of information is stored in the cloud, between public, private and hybrid deployments. In Indonesia, that number was 45 percent.   

"When survey respondents were asked what would happen if their organization’s information were to be irrevocably lost with no chance of recovery, the responses included lost customers (49 percent), damage to the brand (47 percent), decreased revenue (41 percent), increased expenses (39 percent) and a tumbling stock price (20 percent)," according to the report.

According to report, organizations should focus more on the data, and not on the device or the data center.

"Organizations need to gain a complete understanding of their information," the report recommends. "The survey showed that many organizations lack even basic knowledge such as who owns specific information, how important the data is or even whether it is personal or business in nature. By mapping and classifying information, organizations can discover its relative value. This makes it easier to prioritize security, protection and management resources so that companies can focus on the information that really matters to them."

The report can be read here. 

Subscribe to the SecurityWeek Email Briefing
view counter