The DTI Information Security Breaches Survey 2006 (pdf) has found that only 25% of UK businesses use encryption to send messages to business partners, highlighting that many businesses are leaving sensitive and confidential data contained in emails open to interception. PWC, which carried the survey out on the DTI’s behalf, has claimed that one of the reasons for this low level of encryption is the cost and administration burden.
Jamie Cowper, Marketing Manager EMEA at PGP, the de facto standard for encryption technology, has made the following comments:
“This survey demonstrates that while most businesses have taken serious measures to protect themselves against external security threats such as viruses and hacking, they’re still pretty blasÃ© about sending unencrypted – and thus unprotected – data outside of the corporate network.
And while cost and management issues around encryption might have been an excuse in the past, they’re really no excuse now. The technology has moved on and solutions today can remove much of this complexity, making the protection of messages entirely transparent to users.
Ultimately, companies need to ask themselves what price they are willing to pay to prevent their data falling in the wrong hands. It only takes one incident to severely impact a company’s reputation – and judging by the results of this survey, these type of incidents can only become more prevalent.”