Trends
Protect data from employees
Organizations
routinely invest significant resources to
ensure the security of confidential customer
and employee information, such as home
address, Social Security number and date of
birth. In addition to perimeter security,
common internal security measures include
employee education programs, data access
monitoring and strict policies regarding use
of USB ports and portable devices.
Intentional data theft and unintentional
data loss by authorized employees, however,
continue to be the most common sources of
data breaches. Organizations struggle with
the threat of the "human element"–employees
with access to a company’s most valuable
information.
ID Analytics, a provider of on-demand
identity intelligence, conducted an internal
data theft study that provides an analysis
of the behavior patterns associated with the
misuse of identities stolen from the
workplace by employees. The study’s findings
also provide an understanding of the harm
resulting from an internal versus external
data breach.
The research examined more than a dozen
incidents of internal data theft involving
more than five million identities from
consumer and employee files across
organizations in the government, education
and commercial sectors. Of these, eight
incidents ultimately led to more than 1,300
cases of attempted fraud targeting bank
card, retail card and wireless providers.
The research uncovered associations between
transactions and patterns of behavior after
data theft had taken place. Key findings
from the study include:
- Of the eight internal data breaches
where harm was found, organized misuse
ranged from 3 percent (data leak caused
by mishandling data) to 36 percent
(targeted employee data theft) of the
identities stolen.
- The identities associated with these
internal incidents were up to 24 times
more likely to be misused than the
average U.S. consumer’s identity.
- Fraudulent activity relating to each
incident of internal data theft took
place within 20 miles of the source,
indicating that the stolen identities
had not been sold or distributed on a
national level.
- Fraudulent activity reflected an
increase in attempts to acquire wireless
phones. Of the 1,300 cases of attempted
fraud, 69 percent targeted the wireless
industry.
Identities involved in internal data
theft were misused in similar patterns to
those taken via external attacks in terms of
period of use and using the Internet to
commit fraud. Most of the stolen identities
in the study were used briefly–over a period
of two weeks. In five of the eight internal
data breach cases, 80 percent of the
fraudulent activity was online.
"Companies should be on the alert for
what may be the biggest security threat to
their customers–employees with access to
sensitive customer data," says Mike Cook,
co-founder and chief operating officer, ID
Analytics. "Given the balance between the
need to grant employees access to
information to complete their job functions
and the need to protect sensitive customer
data, we encourage companies to implement
strategies that increase visibility and
reduce the risk of data loss."
Cell phone users frustrated
More
than a third of mainstream consumers over
the age of 30 experience significant
frustration associated with their cell
phone’s interface, according to a study by
Bowen Research. The study indicates a
digital divide between people under 30 or
over 30 who use standard cell phones, with
the under-30 set experiencing problems much
less frequently and resolving issues quickly
by simply asking a friend how to do it.
"Cell phone manufacturers aim to
distinguish themselves from their
competition with increasingly complex
features and unique interfaces, yet
consumers over 30 have this frustrating
sense of ‘enough already,’" says Hugh Bowen
of Bowen Research. "That demographic wants
features that are easily accessible, not
lost in multiple levels of menus within
menus; they want large fonts they can read;
and they want a simpler button setup so
they’re not so confused about what they’re
doing."
Even basic features like dialing, speaker
phone and using the address book prove
difficult and confusing for users 30 and up,
a group that numbers more than 40 million in
the United States. Many of these fed up
phone users spend time reading manuals and
contacting customer service only to give up
trying to determine how to use phone
capabilities like texting, synching with
their computer, e-mail, games and ringtones.
While participants in the under-30
category indicated they used 52 percent of
their phone’s features, that figure dropped
a full 12 percent for over-30 participants.
A repeated sentiment from the over-30
group was that many cell phone features are
difficult to learn and that cell phones are
"out of your control," because when they try
to do one thing, something different
happens. Or, if they do learn how to do
something, it is so complicated that they
forget it several months later when they
want to do it again.
Three days down the drain
That is what the latest research from global
IT services firm Dimension Data revealed in
its Network Performance Frustrations
Research Report. For example, 30 percent of
end-users and IT staff bemoan frequent
computer crashes and sluggish software.
The research surveyed 957 IT users and
267 IT decision makers across the globe and
shows that the average IT user wastes at
least two hours a month, or two to three
workdays a year, on network-induced delays.
Multiply that across an entire workforce and
that is a serious hit on productivity. The
biggest network bottlenecks:
- 35 minutes lost per month on network
log-in delays;
- 25 minutes lost per month on e-mail
delays; and
- 23 minutes lost per month on file
transfers delays.
Even worse is that IT departments are
unequipped to address these nagging holdups,
Dimension Data says, which does not bode
well for long-term strategies on application
performance or capacity planning:
- Twenty percent of IT decision makers
do not consider network performance when
calculating return on investment.
- Forty-eight percent do not consider
network infrastructure as a "continuous
budget spend."
- Just under a third of IT departments
have complete, defined processes for
handling network performance issues.
Short takes
Working remotely
Companies that give their workers the
option of telecommuting are benefitting from
greater productivity, lower costs, more
options for finding and retaining qualified
staff, and improved employee health,
according to a survey released by the
Computing Technology Industry Association
(CompTIA). More than two-thirds (67 percent)
of survey respondents said their
organization has experienced greater worker
productivity as a result of allowing
employees to telecommute.
"With ‘anywhere’ connectivity, faster
broadband options and high-quality video and
online conferencing choices, the opportunity
for virtual offices is greater today and
more affordable for businesses of all sizes
and types," says Todd Thibodeaux, president
and chief executive officer, CompTIA.
Companies that utilize telecommuting are
also benefitting from cost savings through
reduced use of office-related materials and
resources and lower vehicle-related
expenses.
In addition, 39 percent of survey
respondents said their companies have access
to more qualified staff, especially those
who may not otherwise be geographically
accessible, because they offer telecommuting
as an option. Another 37 percent of
respondents said telecommuting helps improve
employee retention. One-quarter of survey
respondents said telecommuting improves
employee health, mainly through reduced
stress levels.