News Feature | July 16, 2015

Study Reveals IT Pros Are Unprepared For Security And Compliance Audits

Christine Kern

By Christine Kern, contributing writer

data-folder 1

An Ipswitch security and compliance survey highlights the difficulties IT teams face when preparing for compliance audits. Of IT professionals surveyed, 59 percent reported they are unprepared for security and compliance audits, while three-quarters lack confidence end users are doing what they need to protect data.

The survey polled 313 IT professionals in United States. When asked what they would be willing to do instead of a compliance audit, nearly half of all respondents (46 percent) would either undergo a root canal procedure, work over the holidays, live without electricity for a week, or eat a live jellyfish.

The study also found that one-third of IT professionals (34 percent) believe data loss prevention is the most important security measure for their organization followed by security policies (24 percent), data encryption (18 percent), tracking and reporting (18 percent) and identity management (6 percent)

Respondents also indicated that compliance audits are disruptive, requiring significant IT resources to complete. Over half (52 percent) of IT pros queried said that allocation of IT resources is the most expensive part of a compliance audit, while another 18 percent pointed to critical project delays and 13 percent to the emotional strain and stress of an audit as the costliest aspect.

“The regulatory guidelines in financial services, healthcare and other high-risk industries demand full transparency and protection of critical business data across the borderless enterprise. Even with this in mind, our survey indicates a remarkable lack of preparedness and confidence on the part of IT pros to pass an audit today,” said Jeff Loeb, CMO at Ipswitch.

Ipswitch provides some tips for surviving a compliance audit, including using a managed file transfer solution that provides centralized audit logs and reports for file transmission. In addition, you should think through the entire file lifecycle and ensure personal data is protected at each stage.