Media releases are provided as is by companies and have not been edited or checked for accuracy. Any queries should be directed to the company itself.

New Research Shows User Errors the Leading Cause of Data Loss

  • 10 March, 2007 11:00

<p>Quarterly Research from the IT Policy Compliance Group Indicates 68 Percent of Organisations Experience Six Losses of Sensitive Data Annually</p>
<p>AUSTRALIA, Sydney – 9 March 2007 – The IT Policy Compliance Group today announced the availability of its latest research report titled "Taking Action to Protect Sensitive Data." According to the report, twenty percent of organisations are suffering from 22 or more sensitive data losses per year. The most sensitive losses include customer, financial, corporate, employee, and IT security data, which is either stolen, leaked, or destroyed. The primary channels through which data is lost – in order of risk – includes PC’s, laptops and mobile devices, email, instant messaging, applications and databases.</p>
<p>Organisations experiencing publicly reported data breaches are finding it costs money and customers to not protect data; on average these firms are experiencing an 8 percent loss of revenue and a similar loss of customers worried about personal data. Compounding the revenue and customer losses are additional expenses averaging $100 per lost or stolen customer record to notify customers and restore data.</p>
<p>"Preventative measures such as built-in IT controls are vital to ensuring that businesses protect the data they collect. It shouldn’t be an after thought, but rather considered up-front in the design of hardware and software redundancy to ensure the information is kept secure and supported throughout the data lifecycle," says Heriot Prentice, director of technology practices at The Institute of Internal Auditors. "It’s that simple. If you collect it, then protect it".</p>
<p>The benchmark results show that firms with the fewest data losses are identifying sensitive core business data, mitigating user errors, policy violations and internet attacks, and monitoring many different IT controls and procedures weekly. The first line of defense to protect data continues to be the people who are handling data. Businesses must develop and update policies for sensitive data protection, handling, retention, and destruction that include accountability programs.</p>
<p>"While some of the results here may give cause for alarm, there's also the strong suggestion that some organisations have managed to provide responsible oversight of their data, said Robert Richardson, director at the Computer Security Institute. "These are organisations we want to applaud and to emulate."</p>
<p>According to responses from organisations with the fewest losses of sensitive data, they are spending more time monitoring policy compliance and are employing multiple IT controls to reduce the loss of sensitive data. Best-in-class organisations are monitoring and measuring controls and procedures to protect sensitive data once a week, while most firms are conducting such measurements only about once every 176 days. In addition, organisations with the fewest losses of sensitive data classify IT security and regulatory data as sensitive and take the necessary steps to secure it.</p>
<p>"Failing to protect IT security and regulatory audit data is like a bank giving away the combination to the vault," said Jim Hurley, managing director, IT Policy Compliance Group. "Instead of securities and cash, these firms are putting sensitive data, customers, revenues and business futures entirely at risk."</p>
<p>The IT Policy Compliance Group report outlines recommendations to help organisations improve sensitive data protection. These include:</p>
<p>· Taking time to identify the most sensitive business data</p>
<p>· Training employees and implementing technology to mitigate user errors, policy violations, and internet attacks</p>
<p>· Monitoring controls and procedures to ensure compliance</p>
<p>· Increasing the frequency of audits and measurements</p>
<p>For more information and to download the latest research report titled "Taking Action to Protect Sensitive Data" visit <http:></http:> .</p>
<p>About IT Policy Compliance Group</p>
<p>The IT Policy Compliance Group is dedicated to improving IT compliance results for organisations and is made up of members from several leading organizations including: the Computer Security Institute, The Institute of Internal Auditors, Protiviti, and Symantec Corporation (NASDAQ: SYMC). The group conducts fact-based benchmark research to determine the best practices that result in improvements to IT compliance results for organisations.</p>
<p>NOTE TO EDITORS: If you would like additional information on the IT Policy Compliance Group, please visit the About Us section of the Web site at</p>
<p>Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.</p>
<p>Debbie Sassine
+61 2 8879 1110</p>
<p>Angela Coombes
Max Australia
+61 2 9954 3492</p>

Most Popular

Cool Tech

Toys for Boys

Family Friendly

Stocking Stuffer

SmartLens - Clip on Phone Camera Lens Set of 3

Learn more >

Christmas Gift Guide

Click for more ›

Brand Post

Most Popular Reviews

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Latest Articles


PCW Evaluation Team

Aysha Strobbe

Microsoft Office 365/HP Spectre x360

Microsoft Office continues to make a student’s life that little bit easier by offering reliable, easy to use, time-saving functionality, while continuing to develop new features that further enhance what is already a formidable collection of applications

Michael Hargreaves

Microsoft Office 365/Dell XPS 15 2-in-1

I’d recommend a Dell XPS 15 2-in-1 and the new Windows 10 to anyone who needs to get serious work done (before you kick back on your couch with your favourite Netflix show.)

Maryellen Rose George

Brother PT-P750W

It’s useful for office tasks as well as pragmatic labelling of equipment and storage – just don’t get too excited and label everything in sight!

Cathy Giles

Brother MFC-L8900CDW

The Brother MFC-L8900CDW is an absolute stand out. I struggle to fault it.

Luke Hill


I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?