Sophos, a provider network and endpoint security, has released the findings of its recent survey, The State of Encryption Today. The survey polled 1,700 IT decision makers from mid-sized businesses in the United States, Canada, India, Australia, Japan, and Malaysia about their encryption habits, concerns, and plans. All respondents were from organizations with 100 to 2,000 employees in all sectors, excluding government.†
Key findings of the survey reveal that private, highly-sensitive employee information, including banking details, human resource (HR) files, and personal healthcare records, is at risk. While many companies take the security of their customer data seriously, employees are not protected to the same level.
For example, 31 percent of the companies surveyed that store this type of data admit that employee bank details are not always encrypted. Forty-three percent of the companies holding sensitive employee HR files don’t always encrypt them, and nearly half of those that store employee healthcare information (47 percent) fail to consistently encrypt these records.
Of the U.S. companies surveyed that do use encryption, only 79 percent claim to always secure employee bank details, making it the most advanced of the six countries. By comparison, 48 percent in Japan fail to consistently encrypt employee bank details, making their employees the least protected.†
Company data remains at risk as well. Nearly one-third (30 percent) of all organizations surveyed fail to always encrypt their own corporate financial information, and nearly half (41 percent) inconsistently encrypt files containing valuable intellectual property. The percentage is higher in the U.S. where 62 percent of organizations cite the need to secure proprietary data as a key driver to encryption.
Cloud data security is also driving encryption adoption. More than eight in ten companies (84 percent) expressed concern about the safety of data stored in the cloud. Nevertheless, while 80 percent are using the cloud for storage, only 39 percent encrypt all files stored in the cloud. The U.S. leads all six countries with a propensity to encrypt all files in the cloud with 48 percent of those surveyed in America doing so.†Malaysia is at the opposite end of the spectrum with only 17 percent of businesses surveyed encrypting all files in the cloud.†
Encryption demand is growing although companies cite budget, performance concerns and lack of deployment knowledge as the top three barriers to implementing a solution. Three-quarters of organizations acknowledge that they need to improve how they encrypt and secure employee, customer and company information. In fact, over the next two years, 69 percent of organizations surveyed plan to increase their use of encryption, showing that companies are moving in a positive direction.
A white paper of the full survey results is available at www.sophos.com/encryptionsurvey.