A survey of IT security professionals, those who should be security conscious, has revealed that over half of respondents (52%), admit to carrying company data on a USB stick with no encryption. The survey also revealed that 11% of the security savvy audience ‘protected’ their devices with passwords only, an insufficient defense that is easily breached.
Unencrypted Data stored on mobile devices such as laptops, handheld devices, smartphones, USB drives, CD-DVDs and other devices is risky business. With mandatory audits, breach notifications, hefty fines and public humiliation likely in the event of a data breach, there really isn’t any excuse – organizations can easily arm themselves utilizing centrally-managed solutions that provide data-centered, policy-based protection across all endpoints, which won’t allow information to be transferred without first encrypting it.
The study, sponsored by end point data protection solutions firm, CREDANT Technologies, surveyed 277 IT security professionals who view security seriously and had attended the recent InfoSecurity Europe conference. Surprisingly, the type of unprotected data being carried would have serious repercussions to the organization should it be misplaced – from intellectual property (67%) to customer data (40%) and employee details (26%).
“If over half of this IT savvy audience are carrying unprotected sensitive information on USB sticks, and let’s face it you can pick one up for less than £10 in most good supermarkets, it makes me question just how big this problem is and, more importantly, what needs to happen to make organizations wake up to the risk,” said Sean Glynn, vice president and chief marketing officer of CREDANT Technologies.
The study also found that 11% of the sample had experienced a breach recently, a figure that CREDANT hopes one day to be 0% – but Sean’s not holding his breath.