A survey of IT professionals reveals a worrying trend that leaves large numbers of organisations prime targets for data thieves.
The study by Origin Storage shows that 41% of what should be a security savvy group is carrying sensitive information on mobile devices unprotected, despite the fact that 19% of respondents admitted their organisation had suffered a data breach after the loss of a portable device, and 54% of those confessing that the device had not been encrypted.
The Information Commissioner's Office (ICO) has issued several enforcement notices and even financial penalties to organisations for failing to encrypt sensitive data in accordance with the Data Protection Act.
With 70% of organisations making data encryption mandatory, 11% of respondents carrying sensitive information unprotected are actually breaching their organisation's data protection efforts, while the other 30% comply with their organisations' inadequate policies, the study report says.
The survey, conducted at Infosecurity Europe 2011 in London, revealed a staggering 37% of respondents who confessed that between 81% and 100% of all sensitive data stored on their devices was left unprotected.
In the light of the survey's findings, it is hardly surprising data breaches are increasing in frequency and especially recently in size, says Andy Cordial, managing director at Origin Storage.
"I'm astounded that 30% of organisations are still unaware of the Data Protection Act and the recommendation from the ICO that encryption be used to protect sensitive information," he says.
The survey shows that the problem of sensitive data is not restricted to any particular device as 67% of respondents stored unprotected data on, 52% on USBs, 33% on CDs, and 52% another form of portable storage device.