Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

70 percent of IT professionals still rely on passwords alone

More than seven in ten security professionals are still relying on passwords alone to secure their networks, according to a new survey.

Passwords are still the most common security measure for mobile working, with 71 percent relying on it, according to research carried out by encryption company SafeNet.

The poll of 1,200 IT managers and security professionals, also showed that 60 percent used virtual private networks (VPNs), 23 percent digital certificates and only 10 percent used smart cards. Over 50 percent of organizations support mobile working for more than one in ten employees, and 20 percent of organizations support remote working for over 50 percent of staff.

Gary Clark, Europe, Middle East and Asia vice president of SafeNet, said more employers and employees now see the benefit of remote working.

“But with thousands of people connecting from outside the corporate firewall, more appropriate security measures are needed to protect sensitive business information,” he said. “Password protection is no deterrent to a determined hacker and leaves the door wide open to exploitation. More robust and flexible security measures should be put in place in conjunction with staff education on the threat of lax security."

Clark said that U.K. organizations are losing £10 billion ($17 billion) each year through security breaches.

“Ensuring that corporate networks are only accessed by those people authorized to do so will go a tremendous way towards reversing that trend,” he said.

Another survey, this of the healthcare sector on the use of portable data storage devices, found that almost two-thirds use no or inadequate security, and that half of those in the NHS use their own equipment to store data.

The survey, carried out by Pointsec Mobile Technologies and the British Journal of Healthcare Computing & Information Management on information managers, IT managers and medical professionals, also found that one-fifth of the devices used to store data have no security on them at all and a further 40 percent have only password-controlled access.

USB memory sticks and cards (76 percent) were the most popular mobile device to be used to download data in the health care sector, followed by laptops and tablet PCs (69 percent), PDA/Blackberry (51 percent), smartphone (9 percent) and mobile phones (2 percent). Advances in technology have resulted in the ability to store gigabytes of information not just in these devices but also MP3 music players, cameras, voice recorders etc. The easy availability of tiny, high-capacity storage devices such as USB memory sticks and memory cards makes it very easy for a person to carry unnoticed large amounts of data such as patient records or sensitive corporate data.

Martin Allen, managing director of Pointsec Mobile Technologies U.K., said the survey showed the medical sector is worried about medical information being held on mobile devices that are not being secured by their NHS Trust.

“It will only be a matter of time before these weaknesses are exploited as it is very easy to steal or pick up a mobile device and access the information for ill-purposes,” said Allen.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.