UK businesses are failing to adopt the security controls needed to protect their customers' information, according to the Department of Trade and Industry's biennial Information Security Breaches Survey.
The survey, details of which will be released at the Infosecurity show at Olympia next week, shows that increasing volumes of business being conducted online have raised the priority given to protecting customer data.
Most large organisations appear to have adopted best practice regarding network and data security and 78% of those who accept financial transactions now encrypt the data they receive to ensure its confidentiality and integrity. However, smaller firms are less likely to provide the required protection, and less than a third encrypted the data they received.
Some 90% of respondents, however, seem to have got the message that protecting customer information is important or very important and a strong justification for security expenditure.
Although protection of wireless networks has improved since 2004, small firms are still not adopting strong controls, and many organisations have yet to consider the security implications of adopting Voice over Internet Protocol (VoIP) telephony. Despite the widespread publicity given to VoIP products such as Skype, only half have evaluated the security risks.
Meanwhile research carried outside Victoria Station in London by Infosecurity Europe has found that 81% of people were willing to part with all the personal information needed to steal their identity for the chance to win an Easter egg bonanza. The survey was carried out to raise awareness of the dangers of giving personal information to strangers who could then commit identity theft.
I can see the point that the Easter egg researchers are trying to make about personal information, and it follows on from a similar ‘public research stunt’ done on passwords. But this one, if you’ll excuse the pun, is over-egging the pudding. Will these snippets of personal information gained really pose an identity risk? And if in the week before Easter, someone offers you a free Easter egg at Victoria Station, wouldn’t you be taken in too? We’re all human, and sometimes researchers can be too sanctimonious in trying to make a point!