An alarming 94% of companies are powerless to stop confidential information from leaving their organisations by e-mail.
This is one of the findings of an independent survey commissioned by Mimecast, which reveals that just 6% of all respondents are confident that anyone attempting to send confidential company information by e-mail out of the organisation would be prevented from doing so.
The survey, conducted amongst a sample of 125 IT managers, reveals that 32% of companies would not even be aware that confidential information had been leaked, so would be unable to take steps to minimise the damage or track down the source of the information. However, 62% would be able to retrospectively identify the e-mail leak once the information had been sent, but confessed to being unable to prevent its disclosure.
According to Dr James Blake, security expert at Mimecast: "The picture revealed by this survey points to fundamental security issues with protecting not only a company's own data but also customer data like patient records or credit card numbers.
"With the blurring of boundaries between company employees and external consultants, contractors, outsourcers and other third parties, it is now much more difficult to ensure the appropriate flow of information outside the organisation. Especially since the majority of employees are now knowledge workers with access to significant amounts of confidential data."
According to Bob Tarzey, security analyst at Quo Circa: "These figures do not surprise me on the whole employees are not sending stuff out maliciously, but through carelessness or lack of fore-thought. Education can help to some extent, but many employees are using communications tools all day, every day and mistakes will happen, so having checks in place makes sense.
"Affordability of available technology to tackle the problem is also a problem, as most businesses are unable to invest in the high end, on-premise data leak prevention (DLP) products that large business can."