More than half of UK public and private sector organisations are still risking data breaches and leaks, because they do not have data encryption in place to secure information on laptops, handheld devices and removable storage media.
According to the new Check Point survey of 120 IT managers and senior IT staff, 49% of respondents said they had data encryption solutions deployed in their organisations. 38% said they did not, and 13% said they did not know if encryption was in use.
This represents just a 1% increase in organizations deploying encryption to protect sensitive data in the past 14 months. This is despite 2007 and 2008 being the worst years on record for data losses and leaks, with over 30 million records lost by public and private organizations in the UK alone. In Check Point’s first UK data security survey conducted in November 2007 (the week of the huge data leak by HMRC), 48% of a similar sample of IT managers in public & private sector organizations said they had encryption, 40% said not, and 12% did not know.
The survey also showed that the extensive data breaches reported in 2008 had not changed the IT security budgets for the majority of respondents. Just 29% said their security spend had increased, with 48% saying their spend had stayed static.
However, respondents indicated that investment in data encryption technology was their second-highest purchasing priority for respondents during 2009, with VPN / remote access technology just ahead. Virtualization security was also expected to be a focus (27%). Intrusion prevention and perimeter security were also on the lists of 28% and 25% of respondents respectively.
A majority of respondents (68%) said that the current economic climate would not affect their IT security spending. 5% said they expected their security spend would increase, with 27% saying they expect it to decrease.
The survey found that 40% of organizations had up to 50 laptops in use, with a further 33% of respondents saying their company had up to 500 laptops in use. 47% of respondents said their organisation had up to 25 PDAs and smartphones in use, with a further 28% reporting up to 100 devices in their organisation.