One in five
employees has gained unauthorised access to data, according to the
2006 DTI Information Security Breaches Survey.
Little headway in tackling ID and access management has been made
since the last report two years ago. Large companies have
experienced a small increase in the number of security
incidents.
These disappointing results are partly because many firms don’t use
the full range of authentication techniques available. A worrying
80% of companies still rely solely on passwords.
“Too many companies are still relying on single factor
authentication techniques such as user ID and passwords,” says
Andrew Beard, director at PricewaterhouseCoopers LLP, which
conducted the survey for the DTI.
“More companies need to follow the lead of the few larger
businesses, which are using stronger methods to authenticate their
users.”
Those companies that do employ stronger authentication techniques
such as biometrics, reported fewer incidents. But a worrying 80% of
companies still rely solely on passwords.
Employees are the weakest link in a security strategy. Research
compiled for IT security company Trend Micro this week reveals that
UK employees have a cavalier attitude to their PC usage at work.
Over half the workers interviewed said they relied on the IT
department to sort out any problems and were less careful with
their online behaviour at work than at home.
