IT and security professionals routinely use USBs, smartphones, and tablets to move and back up confidential files, yet their organizations haven't made changes in the wake of the WikiLeaks leaks.
Maybe the massive disclosure of diplomatic memos from the U.S. State Department by WikiLeaks didn't serve as much of a cautionary tale for preventing the leak of sensitive data after all: Most IT and security professionals say they use USBs, smartphones, and tablets to move and back up confidential files, and 65 percent say they don't have a handle on what files and data leave the enterprise, a new survey says.

The survey of 200 IT and security pros at the RSA Conference last month in San Francisco revealed some risky practices by users who theoretically should know better -- including 77 percent saying that they send payroll, customer data, financial, and other classified information via unsecured email monthly.

"One thing we know is that people do what they need to do to be productive, and they find their own mechanisms to do this better. This is not malicious, but it puts companies at risk," says Hugh Garber, product marketing manager for Ipswitch, which conducted the survey. "If there's not a tool, they use their own stuff -- a lot are turning to USB drives, file-sharing sites, and their personal email [if corporate email restricts file-size attachments, for instance]. And that just enforces lower visibility to IT and brings more risk."

The link for this article located at Dark Reading is no longer available.