SOURCE: Vormetric

February 13, 2006 12:19 ET

Rising Threat to Confidential Data Attributed to Insiders, New Studies Show

Too Many Users Have Access to Confidential Data

SANTA CLARA, CA -- (MARKET WIRE) -- February 13, 2006 -- According to separate new studies by Enterprise Strategy Group and Data Security Company Vormetric Inc., insiders such as employees, contractors and outsourcing partners pose the most serious threat to sensitive data.

Insider data breaches seemingly happen every week. For example, just last week, February 7, 2006, Honeywell reported that a former employee disclosed sensitive information relating to 19,000 of the company's U.S. employees. In court filings, Honeywell claimed that the former employee intentionally exceeded authorized access to a Honeywell computer, but the integrity of Honeywell's computer systems was not compromised. Just the week prior, Feb 1, 2006, in an apparent attempt to recycle discarded internal reports, The Boston Globe and Worcester Telegram & Gazette printed and compromised the credit card and bank number information belonging to more than 240,000 subscribers.

According to a new study by the Enterprise Strategy Group, more than two-thirds of the 227 survey respondents said that their confidential data was most vulnerable to insider attacks -- with the highest vulnerabilities from employees, contractors & outsourcing partners.

"The need to protect confidential data cuts across companies large and small, within every industry," said Jon Oltsik, Senior Analyst, Information Security. "The results of our research data shed new light on the need for all organizations to protect against the insider threat, and the importance of including contractors and third-party affiliates as insiders in today's global marketplace."

The ESG Research Report, "Protecting Confidential Data: An ESG Research analysis of end-user security, privacy, and technology challenges," will be available in February, 2006.

In line with ESG's findings, Data Security Company Vormetric Inc. surveyed 436 enterprise users at the Gartner ITxpo exposition in Orlando, Florida last quarter. Vormetric found:

--  Almost 60% of the data breaches were from Internal attacks
--  Almost 90% have to protect valuable data from their own internal users
--  81% of respondents said they need to protect stored data (a.k.a. data
    at rest) that resides in multiple forms, geographies and disparate IT
    devices.
--  More than 80% have data that requires protection and is stored in
    multiple forms
--  In terms of drivers for data protection: 40% said keeping my
    organization out of the press, 41% said keeping auditors happy, 37% said
    adhering to corporate governance & state laws, 12% keeping my boss happy
    
"Most of our customers tell us that they need to protect sensitive data from insiders, including system administrators," said Tom Grubb, Vormetric Vice President, Marketing. "Vormetric's CoreGuard is the only data protection system available today that enables organizations to control unauthorized access to data by anyone -- even root users -- without disrupting their ability to manage the data."

Public data breaches are driving higher expectations on the part of customers to demand more from companies they entrust with their non-public information such as credit card information. The studies underscore the need for companies entrusted with customer data that they must take steps to prevent against insider data theft. Vormetric helps companies protect their sensitive data and adhere to compliance regulations like PCI-DSS, GLBA & Sarbanes-Oxley (SOX). Vormetric has been steadily gaining awareness and market share resulting in quarterly doubling of billings throughout the end of 2005.

About Enterprise Strategy Group (ESG)

Enterprise Strategy Group (ESG) is a leading industry analyst firm that provides strategic guidance and unmatched service to technology vendors, IT professionals, venture capitalists, and institutional investors. The Enterprise Strategy Group evolved from the Enterprise Storage Group, and now offers products and services focused on application infrastructure and information security while it continues to set the tone for storage and information management. Enterprise Strategy Group sets itself apart from legacy analyst firms and boutiques by continuing to build its excellent reputation of assisting clients to make strategic business and IT decisions.

About Vormetric

Vormetric is a leading provider of solutions for protecting enterprise information from unauthorized access or theft. The company's CoreGuard system is a single, scalable and manageable system for data privacy and protection that enables businesses and government agencies to control who, what, when, where and how people can access sensitive information. CoreGuard protects intellectual property and enables enterprises to comply with increasingly strict data privacy and system integrity regulations. Founded in 2001, Vormetric is a privately held company with headquarters in Santa Clara, California. More information is available at www.vormetric.com

Vormetric, the Vormetric logo, CoreGuard and MetaClear are trademarks of Vormetric Inc.

All other trademarks are the property of their respective owners.

Contact Information

  • PR Contact:

    Terry Hunt
    Manager, Marketing Communications
    Vormetric
    408 961-6119
    Email: Email Contact