How confidential corporate data leaks in Japan
Advertisement
Ahh, I could write pages and pages on this topic, but as I like getting paid every month I’d better keep quiet and just stick to the facts in this survey from Marsh Inc that was reported on by japan.internet.com on the subject of corporate information leaks. For reference, just last week I looked at leaks from the home environment.
Demographics
Between the 4th and 8th of September 2008 300 members of the Marsh monitor group who used PCs completed a private internet-based questionnaire. The sample was split 50:50 male and female, and 20:20:20:20:20 between those in their twenties, thirties, forties, fifties, and sixty or older.
We have some new rules in our office that have been introduced over the last couple of weeks, which I do recognise will increase data security and reduce the risk of accidental leaks, but… I can’t really qualify that “but” without risking falling foul of said data security rules! Ah well, I’ll have a fun team meeting tomorrow where I plan to point out an issue or two and generally play at awkward buggers.
In Q2, I suspect one can read “can’t answer” as “yes”! Indeed, the sample size for Q2SQ indicates that the “can’t answer” people did regardless.
Research results
First of all, of the 300 people selected, 59.7% said they had policies regarding PC usage at work. Given the high percentages here, I suspect that the original sample was of people who had computers at work, a supposition that Q2 confirms. However the figure was arrived at, these 179 people were asked the following.
Q1: At your workplace, what computer usage restrictions are there in place? (Sample size=179, multiple answer)
Votes Percentage Forbidden to take notebooks out of the office 92 51.4% Limits on access to personal information 88 49.2% Can only access certain web sites 84 46.9% Cannot use USB memory, other external devices 83 46.4% Security software installed on staff computers 82 45.8% Education regarding information security 79 44.1% Cannot read, write, update SNS 72 40.2% Cannot use file-sharing software 71 39.7% Cannot read, write, update blog 69 38.5% Cannot use web mail 69 38.5% Cannot download software from internet 63 35.2% Cannot use instant messenger 60 33.5% Need user identification to use computers (biometrics, IC card, etc) 59 33.0% Cannot view movies 50 27.9% Use network encryption (VPN, etc) 48 26.8% Use encrypted USB memory 39 21.8% Cannot use podcasts 37 20.7% Other 7 3.9% Now, back to all 300 people.
Q2: At your workplace, has there been an incident where personal information was leaked? (Sample size=300)
Yes (to SQ) 11.3% No 77.7% Can’t answer (to SQ) 11.0% Q2SQ: What was the cause of the personal information leaks? (Sample size=67, multiple answer)
Votes Percentage Staff losing personal information on PCs, disk drives, USB memory, etc 33 49.3% Staff losing documents like customer lists 23 34.3% Staff mistakingly leaking personal information from computer (eg, wrong email recipients) 19 28.4% Leak from using Winny, other file-sharing software 14 20.9% Illegal access to system resulting in personal information loss 12 17.9% Trojans, virus infection causing information loss 12 17.9% Staff intentionally disclosing personal information 9 13.4% Leak of personal information through a fphishing site, etc 2 3.0% Don’t know 20 29.9% Other 3 4.5%
Subscribe to feed