ATLANTA and LONDON, Jan. 31,
2017 /PRNewswire/ -- In recent years, a growing number
of data breaches have resulted from the improper data removal and
insecure storage of drives. To educate businesses on the importance
of proper data management and security, Blancco Technology Group
(AIM: BLTG) today released the findings of the Security Limitations
of SSDs research study, which revealed that organizations face a
myriad of internal and external challenges with preventing
sensitive personal and corporate information from being accessed or
breached from solid state drives (SSDs).
According to over 300 IT professionals surveyed in the United States, Canada, Mexico, United
Kingdom, France,
Germany, India, Japan
and China, 62 percent of
organizations believe encryption is sufficient to protect data from
being accessed or breached. On top of this, 70 percent said they
rely on encryption to prevent data loss/theft from SSDs and 35
percent reformat the drives. Moreover, when IT assets containing
SSDs hit their end-of-life and are ready to be disposed of,
recycled or resold, over half (56 percent) of organizations either
send them to IT asset disposition vendors/recyclers to erase the
data or outsource the task to an IT security consultant.
Key findings from the study include:
- SSDs contain a myriad of sensitive personal and business
information. 47 percent of organizations store both personal
information (from employees) and business data on SSDs
- Despite recent data breaches, loss/theft of drives and
employees leaking data for personal gain rank low on the list of
SSD security challenges. Loss or theft of hard drives (8
percent) and employees leaking data for monetary gains/personal
benefits (5 percent) were at the bottom of SSD security challenges
for organizations.
- Organizations prioritize efficiency and cost over data
security when selecting IT asset disposition vendors/recyclers.
49 percent of organizations consider efficiency and cost to be the
most important factors when selecting an IT asset disposition
vendor. Yet, only 16 percent factor in the vendor's ability to
permanently remove all data and 13 percent prioritize
certifications and recommendations from governing bodies and
institutions into their decision-making process.
- Although confidence in SSD security practices is high,
monitoring of ITAD vendors/recyclers is a low priority.
Although 89 percent of the survey's respondents are either 'very
confident' or 'confident' that data cannot be accessed or breached
after SSDs have been discarded, recycled or resold, 27 percent
admitted they don't have any formal process for monitoring how ITAD
vendors/recyclers erase data from SSDs.
"Our study's findings underscore the difficulty many
organizations face with managing, storing and protecting data on
SSDs and are symptomatic of a larger data security problem," said
Richard Stiennon, Chief Strategy
Officer of Blancco Technology Group. "Many organizations and
individuals place a great deal of their trust and reliance in
encryption and reformatting to prevent data loss/theft from SSDs
and minimize their exposure to a potential data breach. But there
are certain data security challenges with encryption that are often
overlooked when it comes to protecting data stored on SSDs. And we
know from our own analysis of 200 used drives purchased from eBay
and Craigslist that reformatting of SSDs could result in various
types and amounts of personal and corporate information being left
exposed and recovered. Organizations cannot afford to be lax in how
they manage and erase SSDs – or they could find themselves hit by a
data breach."
One such example is the recent data breach that hit health
insurer Centene. In January 2016, the
health insurer lost six hard drives that were part of a data
project using laboratory results to improve the health outcomes of
members. The missing drives contained the health information for
950,000 beneficiaries and included individuals' names, dates of
birth, social security numbers and member ID numbers.
Survey Methodology
The purpose of the study is to
understand the data security challenges and limitations
organizations face with data storage and management of solid state
drives (SSDs). Over 300 IT professionals in the United States, Canada, Mexico, United
Kingdom, France,
Germany, India, Japan and
China completed the survey in
December 2016.
About Blancco Technology Group
Blancco Technology
Group (AIM: BLTG) is the de facto standard in data erasure and
mobile device diagnostics. The Blancco Data Eraser solutions
provide thousands of organizations with an absolute line of defense
against costly security breaches, as well as verification of
regulatory compliance through a 100% tamper-proof audit trail. Our
data erasure solutions have been tested, certified, approved and
recommended by 18 governing bodies around the world. No other
security firm can boast this level of compliance with the most
rigorous requirements set by government agencies, legal authorities
and independent testing laboratories.
The Blancco Mobile Diagnostics solutions enable mobile network
operators, retailers and insurers to easily, quickly and accurately
identify and resolve performance issues on their customers' mobile
devices. As a result, mobile service providers can spend less time
dealing with technical issues and, in turn, reduce the quantity of
NTF returns, save on operational costs and increase customer
satisfaction.
For more information, visit our website at www.blancco.com.
Media Contacts:
SHIFT Communications for Blancco
Technology Group (US)
David Heffernan, Account Manager
T: (617) 779-1839
E: blancco@shiftcomm.com
SAY Communications for Blancco Technology Group (Europe)
Robert Hickling, Senior Account
Manager
T: 44 (0) 20 8971 6427
E: blancco@saycomms.co.uk
The Hoffman Agency for Blancco Technology Group (APAC)
Miyuki Washino, Senior
Consultant
T: 81 3 5159 5750
E: blanccoapac@hoffman.com
Blancco Technology Group
Ragini Bhalla, Senior Director of
Global Communications
E: ragini.bhalla@blancco.com
Logo -
http://mma.prnewswire.com/media/274522/blancco_Logo.jpg