E-mail Continues to be the Top Source of Corporate Data Loss

Sue Marquette Poremba

We all know that new and growing technologies go hand-in-hand with new and growing security risks. However, the newest Proofpoint survey shows that enterprise's biggest security problem is one the oldest technologies -- email.


The survey, "Outbound Email and Data Loss Prevention in Today's Enterprise, 2010" polled 261 e-mail and messaging decision-makers at companies with more than 1,000 employees. They reported that e-mail continues to be the No. 1 source of data loss risks in large enterprises. More than a third (35 percent) had investigated a leak of confidential or proprietary information sent in e-mail in the previous 12 months. But the positive aspect to that statistic is that companies are taking a stand against e-mail violators. The report stated:

Thirty-two percent investigated a suspected violation of privacy or data protection regulations related to email. [Of those investigations,] twenty percent terminated an employee for violating email policies. Fifty percent disciplined an employee for such violations.

Of course and not surprisingly, other emerging technologies, like social media, mobile devices, and cloud computing, are causing increases in security risks. All in all, perhaps the most alarming result of the survey was this: Despite growing awareness of risks involved, data loss continues to have a major impact on the enterprise. According to the survey:


  • Thirty-six percent of respondents said their organization was affected by the exposure of sensitive or embarrassing information in the past 12 months.

  • Thirty-one percent of respondents said their organization was affected by the improper exposure or theft of customer information in the past 12 months.

  • Twenty-nine percent of respondents said their organization was affected by the improper exposure or theft of intellectual property in the past 12 months.


In light of the survey, Frank Kenney's tips on how to keep company data safe are highly relevant to lessening some of the risks of data loss.

Add Comment      Leave a comment on this blog post
Aug 31, 2010 9:26 AM Juliette_msc Juliette_msc  says:

If there are no suitable company policies in place and clear compliances to uphold, then monitoring the loss of data may be harder, primarily due to a lack in education of employees regarding standards they are expected to uphold.

Once these policies are stipulated then email monitoring systems can be introduced such as MSCMail. These programmes can then monitor all messages sent and received in order to protect against, not only incoming threats, but also the distribution of sensitive, classified information. Not only are the inbound and outbound messages scanned, but the subject header, body, attachment and the recipient or sender too. This helps to prevent either malicious or unintentional confidential data leakage.

Another method which acts as a suitable deterrant is mail archiving, whereby every message sent or received, externally and internally is kept and scanned. This not only reduces threats, but discourages employees from sending questionable information once they know the mail is being monitored in this manner. As a result, dismissals can occur from data breaches.

Without clear policies in place then companies would be na�ve to expect their employees understand the potential implications of data leakage.


Post a comment





(Maximum characters: 1200). You have 1200 characters left.



Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.