Abstract :
This paper deals with IT security threats. Just when organizations felt they were gaining the upper hand in their defence against external IT security threats, comes a rise in problems caused by internal risk factors. Often termed the ´enemy within´, malicious hacks on the enterprise system launched from the system itself remain in the minority compared to instances of data leakage-the unintentional and/or illicit loss of secure information into an insecure environment. Organizationpsilas that bother to check are finding that considerable quantities of data are trotting out through the staff entrance. Trend´s Corporate end user study 2008, which surveyed 1,600 corporate end-users, found that the loss of proprietary company data and information was ranked as the second most serious threat at work, following viruses. Respondent considered this to be ´more serious than most other threats such as spam, spy ware, and phishing. IT departments could do much to reduce data leakage by shoring-up internal IT security procedures with the practice standards of ISACA´s COBIT IT governance standards, as well as those of ITIL IT service management documentation. Implementing these tools would go a long way to staunching data leakage.
