Micro Focus Study Reveals Sustained Refusal To Secure Data Despite Constant Breaches

• Over three quarters (79%) of organisations have experienced at least one data breach in the last 12 months  

• 79 % use live production data in application development and testing  

• Over two thirds (70%) do not have the measures in place to mask this live data during development and testing  

• Two thirds of organisations (64%) are testing applications on a weekly basis 

   Organisations not taking steps to address risks and leaving themselves liable to internal and external attacks on weekly basis

NEWBURY, England, 18^th  August 2009 — Micro Focus® (LSE.MCRO.L), a leading provider of enterprise application modernisation, testing and management solutions, today exposes that global organisations’ have inadequate security measures for application testing, despite the fact the vast majority have experienced a data breach in the last 12 months.  

Results of Micro Focus research, independently conducted by the Ponemon Institute amongst over 1,350 practitioners involved in application development and testing across the UK and the U.S., highlights that organisations are risking and exposing the confidential data of their customers by failing to secure it during testing processes.  

The study, carried out in companies with revenues from $10 million to over $20 billion, shows that over three quarters (79%) have experienced at least one data breach in the last 12 months, yet nearly the same amount (70%) still do not have data masking techniques in place during any form of testing. The vast majority also confirmed they use customer records, employee records, credit cards and other business confidential information in application development and testing.

Even more concerning is that customers’ sensitive data is being put at risk on a very regular basis. Nearly two thirds (64%) need this data on a weekly basis for the application testing process with 90% confirming it is needed on a monthly basis. Despite the organisations’ own experiences and the current high profile of data breaches, only seven percent felt that data protection in the development and testing environment is more stringent than in regular production.

Adding to the complexity of the process is the size of the data that is being tested. A staggering three-quarters of respondents confirmed they use test data files that are larger than one terabyte, with some testing more than 50 terabytes of test data. Using such vast samples of data increases not only the amount susceptible to an external or internal attack, but also the scope for human error.

“Given the recent high profile of data breaches across the world and also the frequency with which testing takes place, it seems unbelievable that organisations have still not taken the necessary steps to ensure their data is secure during this regular process,” said Stuart McGill, CTO, Micro Focus. “In this difficult economic time, the last thing organisations want or need is to experience a significant data breach that can leave their own, or worse, their customers’ confidential information damaged or leaked. Companies need to act now and ensure they have the data masking capabilities in place to guarantee their data is watertight during development and testing.”

This research was independently conducted by the Ponemon Institute, which specialises in research on privacy, data protection and information security policy. The percentages contained within this release are the global average, based on the individual UK and US figures.

“These new survey findings strongly suggest that businesses are more concerned with completing application tests, even at the expense of sensitive customer and personal data,” said Dr Larry Ponemon. “It is understandable that organisations want to be efficient in this often time-consuming process, but cutting corners by not masking the data could cause irreparable damage to a company’s database and reputation if a major breach were to happen.”

A full report of the results is available at http://www.microfocus.com/products/DataExpress/

About Micro Focus

Micro Focus provides innovative software that allows companies to dramatically improve the business value of their enterprise applications. Micro Focus Enterprise Application Modernisation and Management software enables customers’ business applications to respond rapidly to market changes and embrace modern architectures with reduced cost and risk. For additional information please visit http://www.microfocus.com/.

###

Micro Focus is a registered trademark of Micro Focus.  All other products and companies mentioned in this announcement are the trademarks of their respective owners.