proofpoint outbound/dlp survey results

1Proofpoint, Inc. Proprietary and Confidential ©2010

Research Results: Outbound Email and DLP Survey, 2010

Keith CrosleyDirector of Market Development Proofpoint

Michael OstermanAnalyst and Principal Osterman Research


Agenda

About Proofpoint and Our 2010 Survey

Levels of Concern and Risky Content

Frequency of Data Exposure Events

Risky Content in Email and Social Media

Policies and Enforcement Actions

How do Companies ReduceOutbound Email and Web Risks?


Proofpoint:Cloud-Enabled Email Solutions

Leading email security, compliance & archiving solutions for complex organizations

Enterprise-class protection forlowest email risk & cost-of-ownership

Industry leadership

Fastest GrowingMessaging Security

(2008)

Leaders Quadrant, SEG Magic Quadrant

(2008 & 2010)

Best Buy, 5 Stars (2009, 2010)

4000Customers


About our Seventh Annual Survey:Goals

Quantify the risks related to outbound messaging

Raise awareness of policy, technology and cultural issues

Understand technology adoption trends

Special topics • Social media risks in the enterprise• Data loss and the economy


About our Seventh Annual Survey:Respondents

Survey of 261 email technology/policy decision makers

Companies with 1000 or more employees:• 190 with 1000 – 5000; 45 with 5001 – 20,000; 26 with 20,000+• 139 private, 122 publicly-traded

Key roles• 46% Director or manager of IT• 21% CIO, CTO or senior-most IT executive• 12% director or manager of messaging/email systems

Email systems• 98% have on-premises email system

(Exchange 2007, 2003 and 2010 most common)• 31% have a SaaS email system (Exchange 2007, 2010 most common)


Agenda


Frequency of Data Loss/Exposure Events• What are IT pros most worried about?• What are the most common types of data loss

events?





Data Loss/Exposure is not Rare

36%

31%

29%

20%

36%

33%

32%

14%

30%

30%

18%

27%

47%

13%

27%

54%

0% 10% 20% 30% 40% 50% 60%

Exposure of sensitive orembarrassing information

Improper exposure or theftof customer information

Improper exposure or theftof intellectual property

Ordered by a court or regulatory bodyto produce employee email

Overall (n=261)1000-5000 employees (n=190)5001-20,000 employees (n=45)>20,000 employees (n=26)


Poll #1

Was your organization negatively impacted by the improper exposure of confidential information in the past 12 months?• Yes• No• Don’t Know


64%

60%

56%

55%

54%

53%

52%

51%

51%

50%

49%

46%

0% 10% 20% 30% 40% 50% 60% 70%

Physical loss: Laptops,smartphones and other devices

Web-based email (e.g., Hotmail, Gmail)

Email sent frommobile devices

Email sent from organization’sSMTP email system

Postings to blogs andmessage-boards

Posts to social networking sites(e.g., Facebook, MySpace, LinkedIn, etc.)

Posts to media sharing sites(e.g., YouTube, etc.)

Short messages (e.g., SMS, MMS)sent from mobile devices

Messages sent via Web-basedshort messaging…

Instant Messaging (IM)applications

FTP (File Transfer Protocol)

Peer-to-peer (P2P)networks

Levels of Concern aboutVarious Data Loss Conduits


Data Loss Events:Email, Blogs, Devices, Employee Termination

35%

32%

25%

22%

21%

30%

32%

24%

21%

21%

44%

27%

24%

22%

18%

54%

38%

35%

27%

27%

0% 10% 20% 30% 40% 50% 60%

Investigated a suspected leak ofconfidential or proprietary information via email

Investigated a suspected violation ofprivacy or data protection regulations related to email

Investigated the exposure of confidential, sensitiveor private information via a blog or message board

posting

Investigated the exposure of confidential, sensitive orprivate information via lost or stolen mobile devices

or storage media

Investigated a suspected leak or theft of confidentialor proprietary information associated with an

employee leaving the company

Overall (n=261)

1000-5000 employees (n=190)

5001-20,000 employees (n=45)

>20,000 employees (n=26)


Data Loss Events:Social Media

20%

18%

18%

17%

21%

20%

18%

17%

18%

11%

11%

16%

23%

19%

23%

15%

0% 10% 20% 30% 40% 50% 60%

Investigated the exposure of confidential, sensitiveor private information via a posting

to a social networking site

Investigated the exposure of confidential, sensitiveor private information via video or audio media

posted to a media sharing site

Investigated the exposure of material financial information

(such as unannounced quarterly results or significant deals)

via a blog or message board posting

Investigated the exposure of confidential, sensitiveor private information via short message service

(e.g., SMS, MMS, Twitter)

Overall (n=261)

1000-5000 employees (n=190)

5001-20,000 employees (n=45)



Agenda


Frequency of Data Loss/Exposure Events

Risky Content in Email and Social Media• Top outbound email concerns• How much email contains risky content?• Four types of risky content in email and IM/social media




Top Outbound Email Concerns 1

74%

72%

71%

71%

76%

74%

74%

75%

67%

56%

56%

55%

73%

85%

73%

69%

0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%

Ensuring compliance withfinancial disclosure or

corporate governance regulations

Protecting the confidentiality ofpersonal identity and financial information

Ensuring that email cannot be usedto disseminate company trade secrets

or valuable intellectual property

Ensuring that email cannot be usedto disseminate confidential

internal memos

Overall (n=261) 1000-5000 employees (n=190) 5001-20,000 employees (n=45) >20,000 employees (n=26)


Top Outbound Email Concerns 2

67%

63%

61%

70%

70%

66%

56%

49%

38%

62%

38%

62%

0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%

Ensuring compliance with internalcorporate email policies

Monitoring email for offensiveor otherwise inappropriatecontent and attachments

Protecting the confidentiality ofprivate healthcare information



As Many as 1 in 5 Emails Contains Risky Content

“What percentage of email sent from your organization contains content that poses a legal, financial or regulatory risk?”

• Mean (average) answer: 20%• Median answer: 10%• 19% of respondents “didn’t know”


Risky Content in Email

32%

20%

25%

26%

31%

34%

28%

25%

19%

24%

24%

22%

12%

12%

14%

17%

7%

9%

9%

10%

0% 5% 10% 15% 20% 25% 30% 35% 40%

Adult, obscene, or potentiallyoffensive content

Confidential or proprietary businessinformation about your organization

Valuable intellectual property ortrade secrets that should not

leave the organization

Personal healthcare, financialor identity data

that may violate privacy anddata protection regulations

Almost NeverLess CommonNeutralCommonVery Common


Risky Content in IM and Social Media

36%

32%

33%

34%

22%

25%

26%

21%

23%

22%

20%

20%

13%

13%

12%

17%

7%

8%

9%

9%

0% 5% 10% 15% 20% 25% 30% 35% 40%

Adult, obscene, or potentiallyoffensive content

Confidential or proprietary businessinformation about your organization

Valuable intellectual property ortrade secrets that should not

leave the organization

Personal healthcare, financialor identity data

that may violate privacy anddata protection regulations

Almost NeverLess CommonNeutralCommonVery Common


Importance of ReducingOutbound Email Risks in the Next 12 Months

37%

33%

16%

3%

8%

2%

1%

43%

31%

13%

3%

8%

1%

1%

20%

36%

27%

5%

5%

7%

0%

23%

46%

19%

4%

8%

0%

0%

0% 5% 10% 15% 20% 25% 30% 35% 40% 45% 50%

Very important

Important

Somewhat important

Somewhat unimportant

Very unimportant

Unimportant

Don’t know



Importance of ReducingOutbound HTTP Risks in the Next 12 Months

30%

37%

19%

6%

2%

7%

0%

33%

37%

17%

5%

1%

6%

1%

18%

42%

22%

9%

2%

7%

0%

23%

31%

31%

4%

4%

8%

0%

0% 5% 10% 15% 20% 25% 30% 35% 40% 45% 50%

Very important

Important

Somewhat important

Somewhat unimportant

Unimportant

Very unimportant

Don’t know



Agenda




Policies and Enforcement Actions• Prohibited activities• Adoption of acceptable use and other policies• Discipline and termination for policy violations



Prohibited Activities

63%

53%

53%

49%

40%

39%

38%

31%

58%

53%

49%

47%

40%

40%

42%

32%

80%

63%

60%

60%

43%

35%

28%

38%

81%

38%

67%

38%

33%

38%

24%

10%

0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%

Prohibit use of P2Pfile-sharing sites

Prohibit use of Facebook

Prohibit use of media-sharingsites (e.g., YouTube)

Prohibit use of Twitter

Prohibit use of personalWebmail

Prohibit personal useof the Web

Prohibit personal use ofcorporate email during

company time

Prohibit use of LinkedIn



Adoption of Acceptable Use Policies

94%

86%

83%

81%

80%

94%

85%

82%

83%

82%

96%

91%

89%

73%

73%

92%

85%

81%

81%

73%

0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%

Acceptable use policy for email

Web surfing policyfocused on

potential time wastedby employees

Web surfing policyfocused on

potential data loss

Social networking policy

Acceptable use policy for blogand/or message board postings



Additional Email PoliciesIs Your Organization at Risk?

86%

82%

80%

85%

85%

80%

89%

80%

79%

92%

65%

83%

0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%

Email retention policy

Acceptable encryption policy

Automatically forwardedemail policy



Formal Policy TrainingAre Employees Equipped to Understand Your Policies?

55%

42%

31%

58%

45%

38%

60%

42%

16%

31%

15%

12%

0% 10% 20% 30% 40% 50% 60% 70%

Conducted a formal trainingabout the organization'semail security policies

Conducted a formal trainingabout external regulations

that apply email use

Conducted a formal trainingabout Web/social media security

and acceptable use policies

Overall (n=261)

1000-5000 employees (n=190)

5001-20,000 employees (n=45)



Discipline & Termination:Email & Blog Violations

50%

20%

24%

11%

52%

21%

26%

13%

38%

11%

16%

4%

58%

31%

19%

12%

0% 10% 20% 30% 40% 50% 60% 70%

Disciplined an employee forviolating email policy

Terminated an employee forviolating email policy

Disciplined an employee forviolating blog/message board policy

Terminated an employee forviolating blog/message board policy

Overall (n=261)1000-5000 employees (n=190)5001-20,000 employees (n=45)


Discipline & Termination:Media Sharing & Social Media

21%

9%

20%

7%

23%

10%

22%

9%

16%

7%

11%

0%

15%

8%

15%

8%

0% 10% 20% 30% 40% 50% 60% 70%

Disciplined an employee forviolating media sharing/posting policy

Terminated an employee forviolating media sharing/posting policy

Disciplined an employee forviolating social networking policy

Terminated an employee forviolating social networking policy

Overall (n=261)1000-5000 employees (n=190)5001-20,000 employees (n=45)


Agenda





How do Companies ReduceOutbound Email and Web Risks?• Manual processes and technology adoption• The economy and data loss risk• SaaS and email security investment priorities


Reducing Data Loss Risks:Manual Processes

37%

33%

48%

38%

34%

51%

29%

23%

36%

38%

38%

48%

0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%

Employ staff that monitors outbound email content

Employ staff whose primary or exclusive job functionis to read or otherwise analyze outbound email content

Perform regular audits of outbound email content

Overall (n=261)

1000-5000 employees (n=190)

5001-20,000 employees (n=45)



Poll #2

Are there employees in your organization tasked with reading or analyzing the contents of outbound email?• Yes• Yes – and that person is me• No• Don’t know


Reducing Data Loss Risks:Outbound Email Scanning Technologies

40%

39%

42%

36%

44%

40%

43%

39%

27%

33%

41%

22%

38%

46%

38%

38%

0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%

Technology solution that detectsprotected health information in outbound email

Technology solution that detects private personalor financial information in outbound email

Technology solution for automatic encryptionof messages based on content & policies

Technology solution for detectingintellectual property in outbound email

Overall (n=261)

1000-5000 employees (n=190)

5001-20,000 employees (n=45)



Reducing Data Loss Risks:Web Monitoring, Archiving, Outbound Spam

39%

54%

65%

43%

55%

63%

27%

52%

60%

38%

48%

85%

0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%

Technology solution for monitoring contentin webmail and other HTTP traffic

Technology solution for email archiving

Technology solution for detectingspam or malware in outbound email

Overall (n=261)

1000-5000 employees (n=190)

5001-20,000 employees (n=45)



The Economy Continues toHave a Negative Impact on Data Protection

58%

53%

48%

59%

54%

51%

59%

51%

44%

50%

50%

36%

0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%

Budget constraints have negativelyimpacted my organization’s abilityto protect confidential, proprietary

or sensitive information

IT staff reductions have negativelyimpacted my organization's abilityto protect confidential, proprietary

and sensitive data

Increasing number of layoffs inmy organization has created anincreased risk of data leakage



Do SaaS and Cloud ComputingIncrease Data Loss Risks?

49%

49%

50%

44%

0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%

The trend toward using SaaS andcloud computing solutions in the

enterprise seriously increases therisk of data leakage

Overall (n=261)

1000-5000 employees (n=190)

5001-20,000 employees (n=45)


31% of companies have a SaaS messaging system

52% say they have deployed a SaaS solution for inbound email scanning

• Additional 17% will “definitely” do so in the future• Additional 18% “might”

31% say they have deployed a SaaS solution for outbound DLP/compliance scanning

• Additional 19% will “definitely” do so in the future• Additional 17% “might”


Email Security Investment PrioritiesOver the Next 12 Months

32%

30%

41%

35%

25%

25%

36%

36%

25%

30%

38%

33%

21%

20%

21%

23%

24%

26%

7%

8%

9%

7%

8%

8%

3%

7%

4%

5%

5%

8%

0% 5% 10% 15% 20% 25% 30% 35% 40% 45% 50%

Improving the ability to manageeDiscovery in email

Improving the ability to preventsensitive content from leaving the

organization through emailin an unauthorized manner

Improving malware detectionand prevention

Improving spam filtering

Improving the ability to manageeDiscovery for non-email

electronic content

Improving employee self-serviceto archived email

Very High PriorityHigh PriorityNeutralLow PriorityVery Low Priority


Q&A / Next Steps

Attend a Live Proofpoint Demo SessionThursdays at 2:00 pm ET / 11:00 am PTRegister today at www.proofpoint.com/livedemo

For questions or more information contact us at: [email protected], 408-517-4710

proofpoint.com/facebook

proofpoint.com/twitter

blog.proofpoint.com


Webinar SurveyEnter to Win a Netbook!

We value your opinion.

Attendees of today’s webinar who complete the survey at the end of the presentation (within 10 minutes) will

be entered to win a Netbook!

proofpoint outbound/dlp survey results

Documents

proprietary information

outbound email

employees n

employee email

agendaabout proofpoint

private information

webbased email

leading email security