Enterprises may have data security policies, but they are not properly defined and implemented, which means the data coming from their IT assets isn't fully sanitised. This is according to a new report by Blancco Technology, called Data Sanitisation: Policy vs. Reality.
The report uncovered that basically all senior leaders (96 per cent out of 1,850 polled for the report) have data sanitisation policies set up, but almost a third (31 per cent) haven't communicated it properly across the organisation. More than half (56 per cent) don't communicate it “on a regular basis”, effectively increasing the risk of a data breach.
A fifth also don't believe they've finished defining the policies.
“The lack of robust data sanitisation policies across global enterprises is alarming,” said Fredrik Forslund, Vice President, Enterprise and Cloud Erasure Solutions at Blancco.
“If they fail to formulate and communicate these policies effectively, at every stage of the data lifecycle, they risk putting significant amounts of potentially sensitive data at risk. It is vital they put processes in place, with clear ownership, and auditability for control, assigned to their senior leadership team to mitigate these risks.”
The report also uncovered that almost a quarter of organisations don’t take direct responsibility for the erasure of IT assets, while nine in ten leave the hardware hanging around long after their end of life, taking up to a month to be sanitised.
Blancco Technology’s full report can be found on this link.