The research Check Point and Ponemon showed that for the last year 77% of the organizations suffered from data loss

The company Check Point Software Technologies and Ponemon Institute, research company in the field of ensuring confidentiality and information management, report that behind the last year 77 percent of the polled organizations faced a problem of data loss. In the report "Justification of a question of complexity of security in the field of IT in the 21st century" (Understanding Security Complexity in 21st Century IT Environments) is specified that the most widespread type of information, undergone unauthorized disclosure, customer information (52%), intellectual property (33%), information on employees (31%) and corporate plans (16%) is. Due to implementation of Web 2.0 applications and mobile devices connected to network, the organizations face a problem of ensuring the best data protection and also problems of strategic management, risk control and accomplishment of regulatory requirements for IT (GRC — Governance, Risk and Compliance).

According to poll over 2,400 administrators of IT security, loss or theft of the equipment is a basic reason of data loss, after it there are network attacks, unreliable mobile devices, applications of Web 2.0 standard and applications for file sharing and also accidental sending messages by e-mail to those receivers to whom they did not intend. Besides, about 49 percent of all respondents consider that their employees are a little informed or have no idea of data security provision, of observance of requirements and security policies at all, indicate the need ensuring bigger awareness of users with the companies as one of components of strategy of data protection as the personnel often are the first line of defense.

"We understand that the data security and observance of requirements often head the list of functional duties of the director of IT security. However, on closer examination the factors influencing data loss you will see that the majority of incidents are inadvertent — Oded Gonda, the vice president for products of network security of Check Point Software Technologies company says. — To pass from identification of data loss to their prevention, the enterprises should increase awareness of users and create the corresponding procedures for achievement of bigger transparency and control over data assets".

As prevention of data loss is a priority question of information security, for the enterprises it is important to define basic reasons of data loss and to create security package of measures for prevention of unauthorized access to information, for example:

• Define requirements of the organization in the field of security — to have clear vision and the list of types of the confidential data which are available in the organization and also to know what data types are a subject of the state or industry regulatory requirements.
• Classify confidential data, since creation of the type list of the confidential data which are available in the organization and determination of levels of confidentiality. Consider a question of creation of set of document templates for classification of information on the Public, For the Limited Group of People or Strictly Confidential types, informing end users on corporate policy and on what information is confidential.
• Approve security policies with business needs — the strategy of security of the organization should provide protection of data assets of the company, without interfering with actions of the end user. It is necessary to begin with the description in simple business terms of policy of the company approved with business needs of individual employees, groups or the organizations. The solution Identity Awareness provides to the companies the best visibility of the users and the IT environment that allows to observe corporate policy more effectively.
• Ensure data security throughout all time of their existence — the companies should consider a question of implementing solutions for information security, their confidential data ensuring safety in different forms, the related users, data types and processes and also protection for all lifetime of these confidential data at their storage, transfer and processing.
• Get rid of a burden of observance of regulatory requirements — to define requirements of government and industry standards and how they affect security of the organization and a business flow. Consider a question of implementing solutions with the advanced methods focused on approval of specific regulations, including of the law on responsibility and data transfer about health care insurance of citizens, standards of data security in the field of payment cards and the Sarbanes-Oxley law for the fast organization of measures of prevention in one day. Advanced methods of work also allow IT specialists, in addition to observance of the existing requirements, to focus on active data protection.
• Pay special attention to awareness and the involvements of users — to involve users in decision making process in the field of security. Technologies can promote informing users on corporate policy and will allow them to eliminate effects of incidents in real time. The combination of technologies and awareness of users does the employees by more careful concerning risky behavior by independent training.

"Considering hundreds of data loss cases occurring annually, both official, and unofficial, it is not surprising that now the problems connected with management, risks and compliance to requirements grow — Dr. Larry Ponemon, the chairman and the founder of Ponemon Institute company says. — Data protection in the modern world means more, than deployment of a complex of technologies for the solution of these problems. In fact the lack of awareness of employees is a basic reason of data loss that forces the increasing number of the enterprises of a message among the users explanatory work concerning the operating corporate policy".

The program blade of Check Point DLP Software Blade is based on architecture of Software Blade Architecture™. The Check Point company using a unique combination of technologies and awareness of users helps the enterprises to take anticipatory measures of protection of confidential data from inadvertent loss. Thanks to unique UserCheck technology ™ the solution Check Point DLP is beyond technologies of user training to proper methods of work of data and allows them to eliminate effects of incidents in real time.

The research "Justification of a Question of Complexity of Security in the field of IT in the 21st Century" was independently conducted by Ponemon Institute company in February, 2011, in its framework administrators of IT security from the USA, Great Britain, Germany and Japan were polled. The inspected group represents the organizations of different scales from 14 different fields of activity. About Check Point DLP and the complete text of the report it is possible to study the additional information on the page: http://www.checkpoint.com/products/dlp-software-blade/index.html.

"The Check Point company considers data loss prevention as strategy, but not as science. We aim at that our clients had the tools and protection capable to prevent or eliminate violations before their emergence" — Gonda adds.