Best laid plans …
According to a new study from Absolute Software, internal business managers continue to pose the greatest threat to sensitive company information such as customer records, health information and other private data.
“Despite the best efforts of IT departments, business managers continue to disengage, or turn off, their laptops’ encryption solution — exposing company information to thieves should the computer go missing,” noted a statement from Absolute.
The annual "Human Factor in Laptop Encryption" study tracks the perception of the effectiveness of encryption solutions and actions taken by IT and business managers to secure their laptops. This year’s expanded study was conducted in the United Kingdom, Canada, France, Germany and Sweden, in addition to the United States.
“This year’s global study gives us graphic evidence that IT and compliance departments continue to have insufficient tools to enforce company policies — especially those that are designed to protect sensitive company information. Despite their best efforts including deploying encryption technology, they are consistently thwarted by improper user behavior,” John Livingston, chairman and CEO of Absolute Software, said in a statement.
STUDY FINDINGS
• 15% of German and 13% Swedish business managers have disengaged their encryption solution. In contrast, 52% of Canadian, 53% of British, and 50% of French business managers have disengaged their encryption.
• U.S. business managers are the most likely to circumvent company data security policy — topping the survey at 60%.
• 95% of IT practitioners report that someone in their organization has had a laptop lost or stolen and 72% report that it resulted in a data breach. Only 44% report that the organization was able to prove the contents were encrypted.
• 33% of IT practitioners believe encryption makes it unnecessary to use other security measures, whereas 58 percent of business managers believe this to be the case.
• 62% of business managers surveyed agree that encryption stops cyber criminals from stealing data on laptops versus only 46% of IT practitioners who feel the same way.
• 36% of business managers surveyed record their encryption password on a document such as a post-it note to jog their memory or share the key with other individuals. In contrast, virtually none of the IT practitioners record their password on a private document or share it with another person.