Survey shows businesses lax on data security

A survey of UK companies across various industries shows that one in four businesses puts no effort into protecting data on USB drives.

The survey, by US multinational Kingston Technology, polled 480 employees and found that more than four out of five USB drives used by employees across the UK do not use hardware-based encryption.

One in five of the companies polled has no plans to do more to ensure data security despite the fact that new regulations – and potential hefty fines – will apply when the General Data Protection Regulation (GDPR) comes into effect across the European Union (EU) in May 2018.

The survey also revealed an over-reliance on unencrypted USBs, along with “a surprising amount of negligence” on behalf of USB users. Despite the fines of up to €20m or 4% of global annual turnover for the preceding financial year, which are the penalties to be introduced under the GDPR, 27% of these drives used to store professional and confidential data adopt no security measures at all.

Encryption is not the only risk associated with USB drives, with 38% of employees admitting that USBs had gone missing or were stolen. Of those missing drives, around seven in 10 employees were “not sure” what had happened to them.

With companies so reliant on USB drives – 60% of those surveyed said that their company had over five USBs in use, with nearly a third of individual employees also admitting to currently using over five drives in the workplace – “the need for better education surrounding their use is clear,” said Kingston.

“The onus is on companies to make sure all employees are aware of the dangers of not fully protecting USB data,” said Ann Keefe, the company’s regional director for the UK & Ireland. “Just one lost or stolen drive is putting a company’s data at risk and could prove a costly mistake, so it is important to educate and train employees on USB data security.

“Employees should also be encouraged to use hardware-based encrypted drives in order to provide a vital extra layer of protection against data leaks. Remote management of that data helps to safeguard the company from any drive that might be lost inadvertently, giving employees and companies peace of mind that their data is secure.”

47 views

Related reading