Enterprise Data Privacy Quiz
Transcript
- 1. ENTERPRISE DATA PRIVACY: How Does Your Business Stack Up?
- 2. 2 A recent survey examined the state of data privacy in businesses. Results showed a critical disconnect between companies’ data privacy policies and protection of sensitive data. We’ve selected 10 questions from the survey for you to answer. Keep track of your responses, then see how your organization compares to those in the study.
- 3. 3 Regulated customer data (credit cards, health records, etc.) Password or authentication credentials Personal employee info (SSNs, phone numbers, etc.) Intellectual property Accounting and financial Unregulated customer data (emails, order history, etc.) Payroll Planning and strategy documents We do not have sensitive business data What type of data is the most sensitive to your business? (Select up to 3)
- 4. 4 Does your IT organization conduct regular SECURITY audits to ensure compliance with data security standards? ❏ Yes ❏ No Does your IT organization conduct regular PRIVACY audits to ensure compliance with data privacy standards? ❏ Yes ❏ No
- 5. 5 How does your IT organization focus efforts to protect data between external threats (hackers) and internal threats (like careless employees)? ❏ More effort on internal threats ❏ More effort on external threats ❏ Same effort on both internal and external threats
- 6. 6 Sales Marketing Owner/Partner Operations IT Accounting Manufacturing Engineering Legal Which departments are MOST likely to ignore corporate data privacy policies? (Select up to 3)
- 7. 7 Contractors Executives Contributors/ front-line staff Team managers What level of employee is most likely to ignore data privacy policies?
- 8. 8 Insufficient employee awareness & understanding of data privacy policies Lack budget to purchase & implement technology solutions No process in place to train or audit employee behavior Lack of executive visibility or priority into the problem IT team doesn’t have knowledge of laws and requirements Lack of data privacy policies Other We have no challenges Which of these challenges ensuring privacy of sensitive data does your IT team face? (Select all that apply)
- 9. 9 Access Control Log all data access Multi-factor authentication Encrypt data on laptops Encrypt data on tablets and smartphones No technological controls for data privacy What technological controls does your organization have in place to limit or audit access to sensitive data by authorized or unauthorized parties? (Select all that apply)
- 10. 10 Which of these regional data privacy challenges does your business face? (Select all that apply) Emerging rules and regulations difficult to track and implement Requirements are ambiguous, making it difficult to determine the correct course of action Technology vendors not offering solutions or guidance in addressing regulations Legal or compliance team does not communicate requirements to IT IT team lacks compliance knowledge to understand requirements Does not apply; we do not have operations in multiple countries.
- 11. 11 How concerned are you about the privacy of sensitive business data in the cloud? Very concerned Concerned Not concerned Does not apply; my company does not put any data in the cloud
- 12. 12 In your opinion, which environment has better data privacy controls? Cloud On-premise
- 13. Now that you’ve taken the quiz, see how the experts answered the same questions.
- 14. 14 1. Of the 99% of businesses which say they have sensitive data to manage, 52% identified the most common types as credit cards and health records. 46% selected password or other authentication credentials, and 41% selected personal employee information such as social security numbers. 2. While almost half of organizations (47%) conduct regular privacy audits, more (68%) conduct regular security audits. 3. 28% of companies focus efforts on protecting against internal threats, like careless employees, that impact data privacy. 72% put most of their efforts into protecting from external threats, like hackers, that impact data security. 4. 48% of companies report that sales is the most likely to ignore data privacy policies, followed by marketing (35%), owners or partners (31%), and legal (6%). 5. Individual contributors and front-line professionals are the most likely to ignore data privacy policies (39%), closely followed by executives (33%). 6. 93% of IT organizations face challenges ranging from insufficient employee awareness (56%) and lack of budget to purchase technology solutions (45%), to lack of process to audit behavior (36%) and lack of executive visibility and priority (34%). 7. 63% of companies use some kind of technology approach to ensure data privacy. The most common are basic access control (58%) and logging data access (41%). 21% encrypt data on mobile devices and 36% encrypt data on laptops. 8. For global companies, 41% report facing difficulties tracking emerging rules, 29% are challenged by ambiguity of requirements, 29% blame technology vendors for not offering solutions or guidance to address regulations, and 17% say their IT teams lack the ability to understand the requirements. 9. 87% of IT organizations are concerned about the privacy of cloud data, including 32% who describe themselves as “very concerned”. 10. 65% of IT professionals still believe that their on-premises environments have better privacy controls than the cloud, even though the reputation of SaaS and public clouds has improved dramatically in recent years. SURVEY RESULTS
- 15. To learn more, download our research report: The State of Data Privacy 2015