In the last few months, we鈥檝e seen many cases of personal data breaches, both from companies and from government organizations. With an average cost of 3.86 million dollars for a data breach, the economic repercussions are significant.聽 And this figure is likely to increase, since the implementation of GDPR on May 25 and the consequent reporting of data breaches to the pertinent authorities. Given all of this, now is a very good time to protect the personal data that your company manages, to avoid these costs. But, do you really know where it鈥檚 stored?

Gemalto has carried out a study of over a thousand IT decision makers in companies worldwide, as well as over 10,000 consumers, to find out the state of data confidence. And the figures are far from encouraging.

The study has revealed that only 54% of companies know where their sensitive personal data is stored. This data includes bank details and physical addresses, among other information, that would mean major problems if it were stolen.聽 And if a company doesn’t know where its data is, how can if know if it has been exfiltrated? What鈥檚 more, how can it know who has access to it? It鈥檚 important to remember that theft carried out by malicious insiders is one of the leading causes of these exfiltrations, and without visibility of this data, it鈥檚 very difficult to stop it from happening.

These problems when it comes to finding unstructured data could be a question of volume. In fact, 65% of companies collect so much data that they鈥檙e unable to categorize or analyze it. 聽With such a quantity of data, the fact that it is hard to find may be a little less surprising. What鈥檚 more, if a company isn鈥檛 able to analyze its data, it won鈥檛 be aware of the value this data has, or what security measures need to be in place to keep it safe.

Companies don鈥檛 adhere to regulations

This year鈥檚 data protection regulation par excellence has been the GDPR; but other regulations of this kind have been around for years. Despite the fact that these data protection rules are nothing new, 82% of companies say they have difficulties when it comes to remaining compliant with regulations. What鈥檚 more, 68% state that they don鈥檛 carry out all the procedures in line with data protection laws. And without these regulations, the risk of suffering a security breach is exponential.

This corporate malpractice is reflected in the level of consumer confidence: only 52% say that they trust organizations to keep their personal data safe. And this figure is even lower for financial institutions: only 41% of consumers believe that they are capable of safeguarding their personal data.

Generalized IT security problems

According to the study, only 48% of IT decision makers believe that the IT security of their company is strong enough to stop an intruder. And what鈥檚 more, if a hacker did manage to get into the system, only 43% of heads of IT believe that their company鈥檚 data would be safe. This means that there is a very high probability that consumers鈥 data will be exposed to a hacker.

These statistics clearly demonstrate that there鈥檚 still a long way to go when it comes to data security. But, what can be done? With Panda Data Control, the data protection module of Panda Adaptive Defense, you can locate all the unstructured personal data on your company鈥檚 endpoints. 聽This way, you鈥檒l know where this data is. What鈥檚 more, it provides visibility about this data, and about the users, employees or collaborators, and the computers or servers who access it.