One third of businesses failing to protect sensitive data transfers

The study - carried out by Computerlinks in conjunction with the file transfer division of Ipswitch, the secure IP communications vendor - shows that there are considerable disparities in attitudes towards data security and secure transfer.

Researchers found that, whilst 82% of organisations reported they were engaging in exchanges of sensitive data, only 64% encrypted their data at rest or in transit.

Researchers also found that 22% of businesses in financial services do not encrypt data transfers, whilst 16% are still not confident that their arrangement for transferring large files is secure.

Over a third of the 300 respondents to the survey cited secure file transfer as a high priority, whilst 24% see it as a low priority, and a third regard price as the most important criterion when implementing the technology.

Commenting on the results, Jonathan Lampe, Ipswitch's vice president, said that even big banks still fail to encrypt all transfers of sensitive financial data, as witnessed by recent FSA fines.

"We commissioned this report to examine failings in the transfer of sensitive data across all business sectors, and we are still seeing a persistent minority failing to deal with sensitive data in a secure or compliant manner", he said.

In the engineering and heavy industry sectors, just 54% of respondents reported encrypting sensitive data as part of their secure data transfer strategy, as opposed to 69% of respondents in health, education and government sectors.

The IT sector is doing better, says the report, with 70% of respondents encrypting data, along with professional services (74%) and financial services (77.5%), where explicit and demanding regulations are in place from the FSA and Basel Committee, among others.

Meanwhile, 50% of respondents in the wider economy do not actually have an encryption strategy in place.

According to the report, "factors driving IT professionals to improve data security include the need to comply with data security and privacy regulations, negative publicity, loss of customers and other indirect penalties, such as losses arising from breaches of commercial confidence."

"The minority who fail to deal securely with data transfers pose a risk to all those they do business with. Markets, as well as activist regulators and more demanding regulations, now make life increasingly hard for persistent offenders."

What’s hot on Infosecurity Magazine?