Analyst Study Shows Employees Continue to Put Data at Risk
Second annual study sponsored by Absolute Software shows that business managers continue to disregard practices designed to secure their laptops and the data on them
VANCOUVER and TRAVERSE CITY, MI, March 10 /CNW/ - Absolute(R) Software Corporation (TSX: ABT), the leading provider of firmware-based, patented, computer theft recovery, data protection and secure computer lifecycle management solutions, and the Ponemon Institute, a privacy and information management research firm, announced today the results of the second annual "Human Factor in Laptop Encryption" study. According to the study, business managers continue to pose the greatest threat to sensitive company information such as customer records, health information and other private data. Despite the best efforts of IT departments, business managers continue to disengage, or turn off, their laptops' encryption solution - exposing company information to thieves should the computer go missing.
The annual "Human Factor in Laptop Encryption" study tracks the perception of the effectiveness of encryption solutions and actions taken by IT and business managers to secure their laptops. This year's expanded study was conducted in the United Kingdom, Canada, France, Germany and Sweden, in addition to the United States. The study found that 15% of German and 13% Swedish business managers have disengaged their encryption solution. In contrast, 52% of Canadian, 53% of British, and 50% of French business managers have disengaged their encryption, while U.S. business managers are the most likely to circumvent company data security policy - topping the survey at 60%.
While Germans and Swedes disengage their encryption solutions less often, they may not be encrypting all their information: 49% of Swedish IT managers said that a lost or stolen laptop resulted in a data breach and German IT managers slightly less at 46%. Similarly, 50% of Canadian IT managers reported a data breach as a result of a lost or stolen laptop. IT managers from the U.S. had the highest percentage at 72%, followed closely by the U.K at 61%. France came in at the lowest with only 28% of IT managers saying that a lost or stolen laptop resulted in data breach.
Other key findings for the U.S. in this year's study include the following:
- 95% of IT practitioners report that someone in their organization has had a laptop lost or stolen and 72% report that it resulted in a data breach. Only 44% report that the organization was able to prove the contents were encrypted. - 33% of IT practitioners believe encryption makes it unnecessary to use other security measures, whereas 58 percent of business managers believe this to be the case. - 62% of business managers surveyed agree that encryption stops cyber criminals from stealing data on laptops versus only 46% of IT practitioners who feel the same way. - 36% of business managers surveyed record their encryption password on a document such as a post-it note to jog their memory or share the key with other individuals. In contrast, virtually none of the IT practitioners record their password on a private document or share it with another person.
"This study shows that business managers may be overly reliant on encryption to keep confidential information safe and secure," said Dr. Larry Ponemon. "While laptop encryption is an essential and important security tool, improper end-user actions such as turning off security features, sharing passwords, or using insecure wireless networks may substantially reduce the effectiveness of encryption in protecting laptop computers."
"This year's global study gives us graphic evidence that IT and compliance departments continue to have insufficient tools to enforce company policies - especially those that are designed to protect sensitive company information. Despite their best efforts including deploying encryption technology, they are consistently thwarted by improper user behavior," said John Livingston, chairman and CEO of Absolute Software. "The Human Factor in Encryption study shows that no matter which country you are located in, you need to seriously contemplate the degree to which your own employees may be contributing to the potential for business-jeopardizing data breach incidents. You must take the human factor out of your computer security plan."
The "Human Factor in Laptop Encryption" study surveyed IT practitioners, including individuals in IT security, and business managers located in non-IT disciplines. At the time of the survey respondents were employed by organizations across 20 industries located in the US, Canada, UK, France, Germany and Sweden. Copies of the study are available at: www.absolute.com/human-factor.
About the Ponemon Institute
The Ponemon Institute(C) is dedicated to advancing responsible information and privacy management practices in business and government. To achieve this objective, the Institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations in a variety of industries.
About Absolute Software
Absolute Software Corporation (TSX: ABT) is the leader in tracking, managing and protecting computers and mobile devices. The Company's Computrace, Absolute Manage and LoJack(R) for Laptops solutions provide theft recovery, data protection and computer lifecycle management capabilities to organizations and consumers. The Company's software agent is embedded in the firmware of computers by global leaders, including Acer, ASUS, Dell, Fujitsu, General Dynamics Itronix, HP, Lenovo, Motion, Panasonic and Toshiba, and the Company has reselling partnerships with these OEMs and others, including Apple. For more information about Absolute Software, visit www.absolute.com and http://blog.absolute.com.
(C) 2010 Absolute Software Corporation. All rights reserved. Computrace, Absolute and Secure Asset Tracking are registered trademarks of Absolute Software Corporation. LoJack is a registered trademark of LoJack Corporation, used under license by Absolute Software Corporation. LoJack Corporation is not responsible for any content herein. Computrace U.S. patents No. 5,715,174, No. 5,764,892, No. 5,802,280, No. 5,896,497, No. 6,244,758, No. 6,269,392, No. 6,300,863, and No. 6,507,914. Canadian patents No. 2,284,806 and No. 2,205,370. U.K. patents No. EP793823 and No. GB2338101. German patent No. 695 125 34.6-08. Australian patent No. 699045. Japanese patent No. JP4067035. The Toronto Stock Exchange has neither approved nor disapproved of the information contained in this news release.
%SEDAR: 00013849E
For further information: Absolute Software Public Relations: Leslie Campisi, Affect Strategies, [email protected] or (212) 398-9680 x144; Absolute Software Investor Relations: Dave Mason, CFA, The Equicom Group, [email protected] or (416) 815-0700 x237; Ponemon Institute Public Relations: Mike Spinney, Ponemon Institute, (978) 597-0342, [email protected]
Share this article