Analyst Study Shows Employees Continue to Put Data at Risk

Wednesday, March 10, 2010

Cross-Posted from: http://www.databreaches.net/?p=10570

From the press release, results of the annual “Human Factor in Laptop Encryption” study by Absolute Software and the Ponemon Institute:

This year’s expanded study was conducted in the United Kingdom, Canada, France, Germany and Sweden, in addition to the United States. The study found that 15% of German and 13% Swedish business managers have disengaged their encryption solution. In contrast, 52% of Canadian, 53% of British, and 50% of French business managers have disengaged their encryption, while U.S. business managers are the most likely to circumvent company data security policy – topping the survey at 60%.

While Germans and Swedes disengage their encryption solutions less often, they may not be encrypting all their information: 49% of Swedish IT managers said that a lost or stolen laptop resulted in a data breach and German IT managers slightly less at 46%. Similarly, 50% of Canadian IT managers reported a data breach as a result of a lost or stolen laptop. IT managers from the U.S. had the highest percentage at 72%, followed closely by the U.K at 61%. France came in at the lowest with only 28% of IT managers saying that a lost or stolen laptop resulted in data breach.

Other key findings for the U.S. in this year’s study include the following:

  • 95% of IT practitioners report that someone in their organization has had a laptop lost or stolen and 72% report that it resulted in a data breach. Only 44% report that the organization was able to prove the contents were encrypted.
  • 33% of IT practitioners believe encryption makes it unnecessary to use other security measures, whereas 58 percent of business managers believe this to be the case.
  • 62% of business managers surveyed agree that encryption stops cyber criminals from stealing data on laptops versus only 46% of IT practitioners who feel the same way.
  • 36% of business managers surveyed record their encryption password on a document such as a post-it note to jog their memory or share the key with other individuals. In contrast, virtually none of the IT practitioners record their password on a private document or share it with another person.

Copies of the study are available at: www.absolute.com/human-factor.

Possibly Related Articles:
9901
General Enterprise Security Security Awareness
Data Loss Encryption employee abuse
Post Rating I Like this!
D13f77e036666dbd8f93bf5895f47703
Theresa Payton Scary stats especially "95% of IT practitioners report that someone in their organization has had a laptop lost or stolen and 72% report that it resulted in a data breach."
1276616335