Dell Study: Lack of Leadership, Resources Putting Company Data at Risk

Dell, in cooperation with its announcement of a planned suite of mobile data solutions for its Latitude line of laptops, released a study on the business risks created by lost or stolen laptops, which it commissioned from the Ponemon Institute.
 
Each week, 12,000 laptops are lost in airports, Ponemon reports on its Website, which is a fitting context for the study results.
 
Ponemon conducted 3,100 Web-based surveys of IT and IT security practitioners in the United States, the United Kingdom, Germany, France, Mexico and Brazil to better understand the risks to organizations' personal and confidential information as the number of lost and stolen employee-assigned laptops increases-as well as to see how the security culture varies among countries.
 
Among the findings of the study were that laptop losses are increasing, na???ve or indifferent practices are putting customer and enterprise data at risk, and a need for greater mobile device security is a reality throughout the international business community.
 
In the United States and the United Kingdom, the reported No. 1 reason that stolen or lost laptops create risk-as well as expenses-for businesses is insufficient resources to enforce compliance, followed by ineffective security leadership and a lack of support from senior management.
 
When asked how the number of laptop losses has changed from prior years, all six countries overwhelmingly reported the numbers are increasing. IT in all countries also reported overwhelmingly-75 percent in the United States, 70 percent in the United Kingdom, for example-that they knew of an incident in their organization in which confidential or sensitive information was at risk as a result of a lost or stolen laptop.
 
When asked how often an employee, temporary employee or contractor puts their organization's confidential data at risk, 54 percent of U.S. respondents responded frequently, and when asked how many laptops were lost or stolen within the past year in their organizations, 31 percent didn't know and 23 percent responded "between 11 to 20."
 
"Anytime and anywhere employees, temporary employees and contractors can access and store enormous amounts of confidential data about customers, employees and their organizations' operations. When these laptops are lost due to negligence or theft, the data is at risk if the organization has failed to use such safeguards as encryption or anti-theft technologies," writes Dr. Larry Ponemon, author of the report.
 
In the report, Ponemon offers seven steps for reducing the risks incurred by stolen or lost laptops, including conducting an audit to determine where laptops are used within your organization; conducting a risk assessment to determine possible theft scenarios for the data stored, processed or transmitted by the laptop; and implementing the required protection strategies.
 
"Training employees on the importance of safeguarding their laptops, putting physical and electronic security measures in place and having a data recovery team available can do much to reduce the business risk of a lost laptop," Ponemon writes.
 
Dell released the report on April 16, which coincided with an announcement from PC rival Lenovo, which will be offering a Hardware Password Manager solution for fully encrypted hard drives.