The survey of 277 IT security professionals found that 52% of them admitted to carrying company data on an unencrypted USB drive, and 11% 'protect' their devices with passwords alone.
The research, sponsored by end point data protection vendor Credant Technologies, found that the type of unprotected data being carried would have serious repercussions to the organisation should it be misplaced – from intellectual property (67%), customer data (40%) and on to employee details (26%).
Credant say there isn't any excuse as organisations can easily arm themselves using centrally managed platforms that provide data-centered, policy-based protection across all endpoints. This, says Credant, won't allow information to be transferred without first encrypting it – regardless of the device its being transferred to.
According to Sean Glynn, Credant's vice president, earlier this month (June 2) it was revealed that a USB stick containing personal information about children – which was neither encrypted nor password protected – had been lost by West Berkshire Council.
Two days later, it was reported that in March, a member of staff from Lampeter Medical Practice downloaded a database containing 8000 patient details onto an unencrypted USB stick before posting it but it never arrived.
Glynn added that Credant's study found that 11% of the sample had recently experienced a breach.