PGP Corporation has announced the results of the second annual study by The Ponemon Institute, identifying the steps Australian organisations are taking in order to safeguard confidential data. The 2009 Annual Study: Australian Enterprise Encryption Trends, which polled IT security professionals at 482 enterprises, found that 69 percent of Australian organisations have been hit by at least one data breach incident within the last year, up from 56 percent in the previous year.
With 41 percent of respondents admitting to more than two data loss incidents in the twelve month period the number of firms experiencing multiple breaches was also up from 28 percent in 2008. Of those organisations that did admit to a breach in the last 12 months 65 percent were never publicly announced; there was no legal or regulatory requirement to disclose these incidents.
66 percent of respondents stated that data protection plays an ‘important’ or ‘very important’ role in an organisation’s overall risk management efforts. 57 percent felt encryption helped them meet privacy commitments and 70 percent believed encryption was a critical factor in protecting a company’s reputation. 38 percent (32 percent in 2008) believe that the use of encryption increases customers’ trust and confidence in the organization’s privacy or data security commitments. Using encryption to comply with privacy or data security regulations and requirements has increased from 13 percent in 2009 to 15 percent in 2009.
More than 64 percent of respondents say it’s very important or important to encrypt employees’ mobile devices and 55 percent believe that it is very important or important to provide end-to-end email security for Windows Mobile 6.0/6.1 Professional Edition.
Dr Larry Ponemon, Chairman and founder of The Ponemon Institute: “[…] 85 percent of the respondents stated that when they take a strategic approach to their encryption applications and use a platform approach it increases the effectiveness and efficiency of their IT security program.”
The primary benefits of the platform approach to managing encryption across the enterprise include reducing operational costs, eliminating redundant administrator tasks and supporting the development of a strategic encryption strategy. These were cited in the 2008 study as being the primary benefits as well.
The study found that 75 percent of Australian businesses have fully executed or just launched implementation of data encryption technology while 25 percent are in the process of implementing encryption in order to protect sensitive information. Encryption is most widely used to protect the data held on file servers, Virtual Private Networks (VPN) and databases. VOIP and mainframe encryption are the least deployed applications.
Other high priority activities in 2009 also include data archive and e-discovery systems with 71 percent fully executed or recently launched and endpoint device control technologies with 70 percent fully executed or just launched. The activities with the highest in-process response in 2009 include the implementation of endpoint-based data leak detection and prevention technologies, identity and access management systems and strong authentication devices. (Source: PGP Corporation/GST)