50% of computer users have accidentally sent a sensitive email to
the wrong person.
Research conducted by IT security and control firm Sophos has
revealed that 70 percent of businesses are concerned about
sensitive material falling into the wrong hands as a result of data
leakage via email.
A further 50 percent of employees admit to having accidentally
sent an embarrassing or sensitive email to the wrong person from
the workplace, demonstrating that email leakage is a very real
concern. Sophos experts note that it can potentially cause
corporate embarrassment, compliance breaches and the loss of
business critical information.
Sophos experts note that there can also be a significant
financial impact from data such as customer lists, engineering
information, and financial statements falling into the wrong hands.
Suffering economic loss is undoubtedly the most serious potential
consequence of data leakage.
"As more and more business, and indeed personal interaction, is
conducted via work email, the risk of slipping up and clicking send
without double-checking the recipient's details is ever-growing,"
said Graham
Cluley, senior technology consultant at Sophos. "The fact that
as many as half of employees have experienced that heart-stopping
moment when they realize that their message is hurtling towards the
wrong person shows that the human error factor is too significant
to ignore. Businesses would be wise to check that their email
security solutions have the facility to prevent this from happening
by identifying when sensitive data or attachments are contained in
the message, and if they don't, to consider a more water-tight
alternative."
Survey results
Are you worried about sensitive data leaking
from your company via email?
|
| Yes |
|
|
| No |
|
|
Sophos online survey, 200 respondents, November
2007.
Have you ever accidentally sent an embarrassing
or sensitive email to the wrong person from work?
|
| Yes |
|
|
| No |
|
|
Sophos online survey, 300 respondents, October
2007.
To combat the risk of leaked information, Sophos recommends that
companies install an email security
solution that enables them to scan messages for sensitive data
and keywords, and that uses encryption to ensure that business
critical emails are sent securely. Furthermore, an effective
appliance will identify and block confidential attachments,
including those that have had their file type altered by the
sender. This will ensure that accidental email loss and leakage by
malicious intent are both thwarted.
"The vast majority of data leakages via email are purely
accidental, so companies that put a solid solution and security
policy in place, and those that educate employees on responsible
email use, will mitigate the risks and dramatically reduce the
possibility of critical data loss," said Cluley.
Sophos has recently announced that its two email
appliances, the ES1000 and ES4000, now enable companies to
prevent
data leakage via email, as well as continuing to block
email-borne malware, unwanted applications and spam.
Sophos recommends companies protect themselves with a consolidated solution which can control network access and defend
against the threats of spam, hackers, spyware and viruses.
Disclaimer: Please bear in mind that this poll is not
scientific and is provided for information purposes only. Sophos
makes no guarantees about the accuracy of the results other than
that they reflect the choices of the users who participated.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.