Data security breaches are on the rise despite organisations trying to improve data security. So why do they fail?
Posted by Marc Lee - Director of EMEA Sales on Fri, Oct 28, 2011
The UK Information Commissioner’s Office (ICO) confirmed what many already knew: data breaches have risen by 58% in the past year suggesting that too many UK organisations are failing to comply with data protection best practices and the rule of law as defined by the UK Data Protection Act.
According to a recent article in ComputerWeekly.com, some of the major vulnerabilities that ICO identified within the surveyed organisations were lack of effective security policies, poor monitoring of data use by contractors and data processors, and failure to control access to both computer networks and work environments.
Certainly organisations, end users and customers need to have a better awareness of how they can protect sensitive data because trust and security as fundamental to how our increasingly digital economies and societies function and flourish.
But it is important to reflect on why organisations aren’t being more vigilant and rigorous in their pursuit of data protection especially around the risks of identity and access. As an industry we need to honestly ask ourselves are we making it easy and simple enough for our IAM solutions to be adapted and deployed to resolve the challenges facing our customers.
Quite often the problem is not the lack of willingness on the part of organisations to ensure strict data security controls, but the difficulty to ‘do it right’. The implementation of effective access risk management solutions for example is often hindered by a long and complicated deployment process that requires significant investment and long time to achieve ROI. Furthermore, if not implemented properly, the IAM solution cannot deliver optimal results, thus leaving space for security vulnerabilities.
It is our duty as members of the IAM industry to make deployment of IAM solutions easier and faster for organisations while enabling a better understanding of access risk and implementing the needed tools to control it. This will foster wider adoption of IAM solutions within organisations and will help ensure that access to sensitive data is adequately monitored, managed and enforced.