Vormetric Data Security Survey Reveals Fear of Negative Publicity and Positive Impact of State Laws

SANTA CLARA, CA -- Fear of negative publicity is the primary driver for companies and organizations engaged in data protection, according to a survey taken by Vormetric, Inc. The survey was conducted at the RSA Conference at San Francisco’s Moscone Center February 5-9. The need to comply with a growing body of state laws concerning the security of information entrusted to them also ranked as a strong motivator for attendees at the conference.

In the survey of more than 500 visitors to Vormetric’s booth, 74 percent of respondents cited a need to protect their own intellectual property from theft or compromise. Just 33 percent named credit card data and 43 percent noted corporate financial records as the types of data needing protection.

Growing Sophistication, Further Questions

Vormetric, a leader in the data protection business since 2001, also found that 67 percent of those surveyed believe that most data breaches originate from within the organization rather than from an external threat. This finding was consistent with a 63 percent response in Vormetric’s October 2006 survey of attendees at Oracle OpenWorld in San Francisco.

Vormetric conducted a similar canvas at Oracle OpenWorld in 2005 and found that only 45 percent of those surveyed were interested in learning about some aspect of data encryption. That response rate jumped to 63 percent in 2006.

In Vormetric’s 2007 RSA conference survey, slightly over half of respondents noted that the information in their company’s data bases should be encrypted, while approximately one third indicated a need for encryption of tape backup systems and of flat files.

“We can learn a number of things from these answers to our surveys,” commented Vormetric’s senior director of marketing Dr. Heather Mark.

“First, laws like California’s SB1386 are working. Mandatory disclosure of actual or likely data breaches when the data is unencrypted is focusing everyone’s attention on this very serious problem. When executives tell us ’I don’t want to be the guy on the front page of the Wall Street Journal,’ you know they’re paying attention.”

“Secondly, many more people are aware of encryption and getting the message that it is a necessary step. They also see that data that resides in many places throughout their enterprise is vulnerable to hackers and thieves. But I’m not sure whether everyone yet understands that encryption alone is not enough; it has to be combined with tight, documented control of the people and the applications that have access to the data. You also have to protect the underlying OS and application infrastructure where the data resides.”

Protecting Intellectual Property: A Growing Concern in Today’s Global Economy

“We’re pleased to see that more and more people understand the need to protect their company’s intellectual property,” added Dr. Mark. "One of our large clients is an automotive manufacturer with engineers and facilities in several countries. We developed a way for them to encrypt and control access to valuable proprietary information in both the company’s central database and in its backup storage.

“IP represents a critical competitive advantage. So too is the ability to control costs via outsourcing and offshoring. But outsourcing and offshoring can also expose unprotected IP -- trade secrets, design specifications and other confidential corporate information -- to outsiders, whether they are here or on the other side of the globe. Our latest survey shows that this message is resonating with companies across many industries.”

Vormetric Security Survey Response Q&A - Condensed Summary
(Multiple responses permitted)

Q: What drives you to secure data?
Keep me out of the press 52%
State laws 47%
Keep the auditors happy 38%
My boss 18%

Q: Most breaches are because of:
Internal threat 68%
External threat 43%

Q: Where does your sensitive data reside?
Databases 62%
Network storage 43%
Laptops 36%
Desktops 33%
Servers w/attached disks 30%

Q: Where do you need encryption?
Databases 54%
Tape backup 32%
Flat files 31%
Point of sale 17%

Q: What types of data do you need to protect?
Intellectual property 74%
Non-public information 44%
Financial records 43%
Credit card data 33%
Patient data 25%
Vormetric Takes to the Road
Vormetric chief financial officer Frank Teruel is scheduled to speak on “Managing Risks to Corporate Data” Wednesday, March 14 at the Ziff Davis Security Summit in New York. For more information, visit http://ccgevents.com/events/2007_Security_Summit/.

About Vormetric

Vormetric is a leading provider of solutions for protecting enterprise information from unauthorized access or theft. The company’s CoreGuard system is a single, scalable and manageable system for data privacy and protection that enables businesses and government agencies to control who, what, when, where and how people can access sensitive information. CoreGuard protects intellectual property and enables enterprises to comply with increasingly strict data privacy and system integrity regulations. Founded in 2001, Vormetric is a privately held company with headquarters in Santa Clara, California. More information is available at www.vormetric.com

Vormetric, the Vormetric logo, CoreGuard and MetaClear are trademarks of Vormetric Inc. All other trademarks are the property of their respective owners.