Most companies need to step up their
efforts to protect their confidential data, making greater use of
automated, real-time surveillance, and also not forgetting to monitor
related activities in the Cloud.
Despite the fact that data security is one of
most companies’ central concerns, many still have difficulty detecting
suspicious access to files or noticing privilege escalations. These
findings emerge from a recent report entitled ‘Security Incidents and
Real-time Alerts’ by New York-based data protection and management
company
Varonis.
Over 40% of the firms surveyed at recent infoSecurity events in London
and Orlando, Florida were found to be poorly equipped to detect attempts
at data breaches, having no or only limited automated capabilities –
either real-time alerts or daily/weekly computer generated reports.
The results
show that very few companies (6%) have fully automated event detection
capabilities in real or near-real time. Varonis also asked questions
about the way companies monitor user privileges, file activity and file
access changes.
Lack of automation
One of Varonis’ most eye-opening findings is that close to a quarter
(24%) of the 248 security professionals quizzed said their company had
no breach detection capabilities. In fact only 28% of the firms polled
currently receive real-time alerts or automated activity reports
designed to monitor changes to user privileges, while just 26% receive
them for changes to file access, a figure which does however rise to 44%
when it comes to unusual email activity. Overall, some 19% were
revealed to have limited breach detection capabilities that enable them
to spot some of these anomalous events but only 6% of the respondents
have fully automated breach detection systems in place. However, Varonis
underlines that companies crucially need to invest in automated
detection if they are to successfully mitigate data breaches in good
time, as automation is absolutely essential to achieve real-time
analysis of files and other aspects of the system and ensure that
immediate alerts are sent to the IT department.
Capacity for Cloud monitoring still very weak
The survey results further indicate that many companies urgently need
to improve their monitoring of Cloud activity as well. At a time when
many companies are orienting their processes towards Cloud computing,
there are apparently very few controls in place for monitoring their
employees’ Cloud activities. The study reveals that IT departments’
capacity for tracking such activity is much lower than for monitoring
data stored on the premises: only 22% of the firms surveyed reported
that they were geared up to track data once it is uploaded to the
Cloud.
The feedback from larger corporates presents a slightly more reassuring
picture, but the figure is still low: only around 29% say they are able
to track confidential data transfers in the Cloud.
Aucun commentaire:
Enregistrer un commentaire