Compliance Management, Network Security, Privacy

Encryption “critical” for GDPR but many deterred by complexity

Email encryption is a “critical” or “very important” business priority for 53 percent of organisations, despite only being used “extensively” by 40 percent of organisations.

The findings, published by Echoworx and conducted by Osterman Research, suggest the technology's stock among business leaders is increasing, but perception issues over ease of use still remain.

The study, titled “Enterprise Encryption and Authentication Usage: A Survey Report”, polled the views of almost 165 IT decision makers and influencers, managing on average 14,000 email users per organisation.

It was to assess the adoption of encryption in the context of email, file sharing and other communication modes used to share sensitive and confidential records. More than half of the respondents (53 percent) considered email encryption a priority, up almost 10 percent on 2015.

However, the findings also revealed that encryption is not used as often as it should be. Only two in five (40 percent) organisations reported “extensive” use of encryption. When asked what the barriers are preventing more widespread use of the technology, more than half (53 percent) of respondents said “asking too much of the email recipients”, indicating that ease of use for both senders and receivers is still a major issue for businesses.

“Despite the importance of encryption and the benefits it offers, there is still the common misconception that the technology is suited for only the technically savvy”, said Jacob Ginsberg, senior director at Echoworx.

“The challenge in the security industry today is that despite the ever more complex threat vector, solutions must remain dead simple to use. Human nature is to look for the easiest path to accomplish a task, and that path also must be the most secure. Creating more efficient, easy-to-use, cloud-based encryption systems will help drive adoption forward,” added Ginsberg.

With the GDPR deadline less than 18 months away, encryption is a key technology that will enable organisations to comply with the regulations and avoid heavy financial penalties.

However, one third (33 percent) of the respondents said that their plans to extend data protection using encryption will occur in “over one year's time”, leaving little time to spare.

“Encryption is one of the most important technologies that organisations can deploy in order to comply with GDPR”, continued Ginsberg. “With the increasing number of data breaches, an encryption policy that spans a wide range of applications and purposes will go a long way to safeguarding organisations' data and that of its stakeholders.”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.