65% of IT managers and senior IT staff in UK companies say the recent leak of Child Benefit data by HMRC will not change their IT spending priorities, yet less than half have a data encryption solution in place.
This is one of the key findings from a new research done by data protection and encryption solutions provider, Check Point Software Technologies Ltd who surveyed the opinions of 140 senior IT staff, IT managers and IT directors across a range of UK companies from both the public and private sector.
The email survey, conducted during the week of the HMRC data leak, showed that the majority of respondents feel their companies are secure against the risk of data leaks. Just 11% of respondents said that HMRC's highly-publicised loss of CDs, containing personal details of 25M UK citizens, would influence their IT spending priorities.
However, the survey revealed that the organisations surveyed are still running the risk of data leaks and breaches similar to HMRC. Less than half of respondents (48%) said their organisation had an encryption solution to protect sensitive data. data. 40% of the sample said their company did not have encryption, and a worrying 12% did not know if encryption was in place.
The research also showed that business PCs, laptops and mobile devices are also vulnerable to threats from malware, and attempts to hijack remote network connections. Just 39% of respondents said their company had an endpoint security solution, to protect PCs against unauthorised access or malware. malware. 37% did not have endpoint security, and 25% were unable to say if they had or not.
However, when asked if their organisation's IT security policy includes data protection issues such as the use of USB drives for transporting data, 73% of the sample said it did. According to Check Point, this highlights the fact that corporate security policies are not being enforced by solutions.
"It's worrying that a majority of the companies surveyed feel they are safe against data loss. loss. Over half of the survey sample does not have the basic security measures in place, to stop the type of employee behaviour that caused the leak at HMRC,” said Nick Lowe, Check Point's regional director for Northern Europe.
"Securing any kind of sensitive data must be automated, so that employees cannot alter or stop the security processes. Organisations have to protect their data, themselves and their employees against the risks of possible data leaks, and automation is the only way to do that."
The survey also showed that companies strongly agree (85%) with mandatory notification of affected parties in the event of a data breach, as is the law in the US. Just 9% disagreed. US. Just 9% disagreed. 36% of respondents thought immediate dismissal was appropriate for parties causing data leaks on the scale of the recent HMRC loss. |
