The Register® — Biting the hand that feeds IT

Feeds

Survey: UK biz is using more encryption

But users still shove unprotected USB sticks in holes...

By John Leyden, 17th November 2011
  • print
  • alert

Agentless Backup is Not a Myth

Despite a run of high-profile security breaches, almost half of UK corporate laptops remain unprotected against theft and data loss, according to a survey of British businesses published on Thursday.

Only 52 per cent of 320 UK public and private sector IT managers polled in the survey use data encryption on their corporate laptops. Half (50 per cent) fail to protect removable media (USB sticks and DVDs).

The study, commissioned by corporate network and device security firm Check Point, showed that data encryption usage on UK business laptops has grown significantly in the past year. Laptop encryption up 12 points from 40 per cent last year to 52 per cent this year. Consumerisation of IT, the trend where workers use their own smartphones or computers at work as an alternative to using more staid corporate-supplied kit, emerged as a key concern among survey participants.

Only 17 per cent of the organisations quizzed said they insisted on deploying security on personal devices used for work purposes. A further 42 per cent restrict access to corporate networks to corporate devices only. Many of those quizzed (42 per cent) worked for organisations with no security policy in the area.

A substantial minority (13 per cent) of those quizzed reported a breach due to a lost or stolen laptop and a further 7 per cent reported a lost or stolen USB stick or removable storage device. Around one in 12 (8 per cent) reported a breach from an email being accidentally sent to the wrong recipients. Only a third (32 per cent) of those quizzed used data-leak prevention, a type of security technology sold by Check Point and other vendors as a means to prevent just this type of rogue email mishap.

A laptop encryption growth rate of 12 points over just a year sounds like great progress to us, suggesting that deployment of the long-established technology has stepped up a gear. Check Point's UK boss still isn't satisfied with these results however, describing the rate of growth as "slow".

Terry Greer-King, Check Point’s UK managing director said: "It’s encouraging that more UK firms are protecting their laptops and data, but the rate of growth is slow, and nearly half of organisations still do not secure their data on portable computers and devices. At the same time, new threats such as consumerisation are emerging, and many organisations haven’t established measures to secure the use of personal laptops and smartphones in the workplace."

"These threats need to be addressed by a combination of education and technology so that organisations can protect their data, their business and their employees against the risks of security breaches,” he concluded. ®

Customer Success Testimonial: Recovery is Everything

COMMENTS

House Rules Send Corrections
All Reader Comments (4)
Highly Rated
Joe Montana

No standards

The problem with encrypted removable media is that there is no standard whatsoever... So you end up with a small unencrypted partition containing a binary windows program that users are expected to execute in order to gain access to the data.

Not only is this completely unusable for Linux/Mac users, but in many environments you would not be able to install the software anyway. Plus it adds yet another piece of software which almost certainly won't be centrally updated and will sooner or later end up full of security holes.

USB sticks are typically only used when you want to transport data to a system which is outside of the corporate network anyway, since it would be pointless to use a usb stick when its much easier to copy data over the network... USB sticks are used when users have to take data off site, or give data to third party contractors...

Also every vendor of such devices seems to implement their own software, and i doubt much of it has been thoroughly audited, and there have been several cases in the past where such software has had serious flaws in the encryption it uses.

What's needed is a standard for encryption of removable media, so that an encrypted device can be connected to any computer and without the need to install software can be mounted upon entering of the correct key.

1
0
John F***ing Stepp

OK, is there a market for a small latex protector for a USB device?

Because we seem to have created one.

0
0
Anonymous Coward
Anonymous Coward

I wonder how Nokia Lumia's fit into this with no on-device encryption?

0
0

More from The Register

breaking news
BBC-featured call centre slapped with hefty fine for unwanted calls
PPI pests: Swansea-based firm stung for £225k by ICO
75
Microsoft to open Windows Stores inside 600 Best Buy locations
Product showcases 'must be seen to be believed'
53
Author Iain (M) Banks falls to cancer at 59
Misses the release of his final work
97
breaking news
Online music world on iRadio: Apple, imagine our concern
*Sarcastic face*
55
What did the Lehman Brothers implosion look like to a techie?
Insider tells all about the Gnab Gib at Lehmans
34
It's official: 'tweet' an English word – not just in the avian sense
If the Oxford English Dictionary says it is so, then it is so
52
breaking news
The only Waze is Google: Ad giant tipped to gobble map app 'for $1.3bn'
Pac-Man-satnav-ish upstart in bidding war with Apple, Facebook
16
breaking news
1-in-10 e-tomes 'are self-published'... most are 'rubbish' says book ed
Publishing man scoffs at go-it-alone writers, ursines still fouling in forests
50
breaking news
Vodafone puts in multi-billion euro bid for German cable giant
Achtung! Jetzt kommt ein Vodamaschine...
5
Facebook RSS reader said to uncloak June 20
Secret event scooped by Scottish developer?
11