BOSTON, MA--(Marketwire - August 12, 2010) - Your enterprise's use of content-aware technologies to identify sensitive data that requires protection is necessary, but not sufficient; the ultimate goal is for your organization's policies regarding the protection of sensitive data to be successfully enforced. Aberdeen Group, a Harte-Hanks Company (
In its fourth annual study on data loss prevention, Aberdeen identified three basic strategic approaches for the enforcement of established security policies:
None / Passive -- this approach corresponds to the passive types of controls, such as logging for audit purposes and sending notifications to administrators, end-users, and / or managers
User-based -- this approach requires a human (administrator or end-user) to make a decision about the sensitive data that has been identified and the controls that should be invoked to enforce the organization's established policies
Automated -- this approach refers to controls that are invoked automatically for data that has been identified as sensitive by content-aware technologies
In absolute terms, companies adopting the Automated approach to remediation spent about $50 more per user per year than those taking the User-based approach -- consistent with their higher investments in preventative technologies such as encryption, enterprise rights management and secure file transfer. They also experienced an average of one-third fewer data loss or data exposure incidents over the last 12 months, however, successfully avoiding more than $2M in associated costs -- a nearly 5-times return on their incremental investment.
"IT Security always has its focus on protecting the enterprise, but one of its bedrock principles is similar to the Hippocratic Oath -- 'first, do no harm'," commented Derek E. Brink, Vice President and Research Fellow for IT Security, Aberdeen Group. "As the DLP initiatives mature, however, Aberdeen's research demonstrates that the Automated approach to remediation leads to enhanced security, higher scale and lower overall cost. Leading solution providers for content-aware technologies have been busy in recent months with new releases, acquisitions and partnership activities to increase the synergies between identification and remediation."
To obtain a complimentary copy, visit http://www.aberdeen.com/aberdeen-library/6724/RA-data-loss-prevention.aspx.
For access to additional complimentary Information Technology research, visit http://research.aberdeen.com/index.php/-information-technology.
To view complimentary webcasts highlighting findings from this and other Aberdeen IT Security research, visit http://www.brighttalk.com/channel/290.
About Aberdeen Group, a Harte-Hanks Company
Aberdeen provides fact-based research and market intelligence that delivers demonstrable results. Having queried more than 30,000 companies in the past two years, Aberdeen is positioned to educate users to action: driving market awareness, creating demand, enabling sales, and delivering meaningful return-on-investment analysis. As the trusted advisor to the global technology markets, corporations turn to Aberdeen for insights that drive decisions.
As a Harte-Hanks Company, Aberdeen plays a key role of putting content in context for the global direct and targeted marketing company. Aberdeen's analytical and independent view of the "customer optimization" process of Harte-Hanks (Information - Opportunity - Insight - Engagement - Interaction) extends the client value and accentuates the strategic role Harte-Hanks brings to the market. For additional information, visit Aberdeen or call (617) 854-5200, or to learn more about Harte-Hanks, call (800) 456-9748.
© 2010 Aberdeen Group, Inc., a Harte-Hanks Company
451 D Street, Suite 710
Boston, Massachusetts 02210-1928
Telephone: (617) 854-5200
Fax: (617) 723-7897
www.aberdeen.com