09-15-2006, 11:00 AM
Quote:IDC reports that approximately 50 percent of data loss incidents are due to insiders, with the FBI rating insider data loss around 70 percent. Both groups agree the majority of these incidents are the result of poor corporate policies or lack of organizational definition of what constitutes sensitive information. In large distributed enterprises with hundreds or thousand of users, data can be anywhere and everywhere. It is this issue of not knowing where sensitive data resides that creates a potential accident waiting to happen. And when it does occur, the affected company is subject to potential fines, customer or shareholder lawsuits and a loss of brand equity.
Faced with these potential consequences, companies are struggling to implement a content protection mechanism that will not interrupt their general course of business. The most secure approach would be to lock down all sensitive data in a central server and not allow any information to migrate to a user's desktop. While this would almost certainly guarantee the safety of sensitive information, it makes for an almost unusable system. Another approach is to write a strict policy for that sensitive data and audit the company's employees to ensure compliance, but this would be very hard to manage in today's dynamic corporate environment...
full article: http://ecommercetimes.com/story/OS02txt6...g-It.xhtml