European Organizations Slow to Adopt Data Loss Prevention Tools

IT management software provider, CA (NASDAQ: CA), today announced the results of a European IT Security study revealing that organizations across several European countries are not utilizing Data Loss Prevention (DLP) technology.

The survey revealed that 64% of organizations in the UK are not using Data Loss Prevention technology and other countries such as France (23%), Ireland (50%), and Italy (60%) report low utilization.

CA warns that without taking steps to identify sensitive data throughout the enterprise and protect it from loss or misuse, organizations are at risk of severe consequences for non-compliance, potential damage to brand reputation, and reduced competitiveness.

The survey showed that IT departments across the UK are struggling to deal with compliance issues, such as the Payment Card Industry Data Security Standard (PCI DSS) and the ISO 27001 information security standard. The slow adoption of DLP technology is likely due to the fact that organizations are unaware of how the technology could help and many are unable to convince the business of the inherent risks to justify the investment.

With more organizations adopting cloud computing solutions and storing data on infrastructure managed by third parties, the need to apply security policies at the data level is stronger than ever. The CA survey highlights that IT security is a key factor in enabling the use of cloud computing among UK organizations. DLP tools help with understanding the sensitivity of data and enable real time decisions to be made on what should and should not processed and stored in each cloud environment.

“The survey findings, provide clear and timely evidence that UK organizations require DLP technology in order to effectively support their compliance requirements, protect their brand value, and maximize competitiveness,” says Simon Godfrey, Director, Information Security, Risk and Compliance, CA.

Godfrey added, “Linking DLP with IAM provides the right combination to achieve this: allowing organizations to discover, monitor, and control critical information wherever it is located, while ensuring that the information is only used by the right individuals in the right way and according to their roles and privileges. In essence, with the proliferation of sensitive information across enterprises, this combination enables a much-need practical approach for applying the principle of least privilege.”

The survey was conducted by interviewing 270 IT Directors, Senior IT Security Managers, and other IT Managers in four vertical sectors: telecommunications & media, manufacturing, financial services, and government. The survey came from organizations across 14 countries-including Belgium, Denmark, Germany, Finland, France, Ireland, Israel, Italy, the Netherlands, Norway, Portugal, Spain, Sweden, and the UK and was conducted in the second half of 2009.

More Information is available at the CA Media Resource Center: http://www.ca.com/gb/mediaresourcecentre