UK Companies Don’t Encrypt Enough, Says Survey

Forty three percent of UK public and private sector organisations fail to use any encryption for their portable PCs and devices, according to a survey.

“Nearly half of UK public and private sector organisations are still risking data breaches, losses and leaks from their portable PCs and devices.  While 52 percent of respondents said they used data or device encryption to secure their business laptops, 43 percent said they did not have encryption deployed and a further 5 percent admitted they didn’t know if encryption was in use,” said Check Point Software Technologies in a statement announcing its survey results.

Not enough protection

The survey further revealed that out of the 320 UK IT managers and senior IT staff  polled, only half used encryption to protect removable media, such as USB memory sticks, removable drives and DVDs with 44 percent admitting that no solutions were in place to protect these devices, and 6 percent of respondents not sure if encryption was used.

With the increasing mobility in the workforce and the growing trend of bring your own devices (BYOD) – 61 percent of employees use personal devices for work, up from 55 percent from last year, the survey showed that no formal security process was employed by in 42 percent of cases, while a meagre 17 percent insisted on such measures. When it comes to network access, 42 percent of those polled claimed that access to data resources was limited to authorised corporate devices only.

“More UK firms are protecting their laptops and data, but the rate of growth is slow, and many organisations haven’t established measures to secure the use of personal laptops and smartphones in the workplace. Threats need to be addressed by a combination of education and technology so that organisations can protect their data, their business and their employees against the risks of security breaches,” noted Terry Greer-King, Check Point’s UK managing director, in a statement.

These statistics reflect the recent, serious breaches and incidents of data loss that have been reported recently, and with the growing complexity of assaults on corporate and public data, these statistics are alarming.

No data loss, says majority?

Despite this,only 13 percent of companies surveyed reported breaches due to lost or stolen laptops in the last 12 months, and seven percent  from lost or stolen USB sticks or removable storage devices. Eight percent noted breaches from accidentally sent emails, and 73 percent claimed no breaches or data losses at all.

The report also examined email security policies and found that 32 percent of respondents protected email traffic, 15 percent were considering a data leak prevention solution, and 38 percent had no intention of implementing methods of protecting sensitive files from reaching unauthorised individuals.