UK organisations are still failing to safeguard portable data devices such as laptops and USB memory sticks, despite high-profile data losses.
In the latest incident, Lothian and Borders Police revealed this week that an unencrypted USB stick containing vehicle registrations and other information has gone missing.
The USB stick, last seen by staff in the road policing division at Lothian and Borders police's headquarters, was lost between December 2008 and January this year.
The loss does not compromise any individuals involved in police investigations, said a police spokesman.
Daniel Östner CEO at security firm BlockMaster, said data stored on any insecure standard USB stick means that data is at risk to unauthorised access.
USB drives cannot ensure confidentiality and as the physical size of these devices decreases, they are becoming easier to misplace, he said.
An estimated 9,000 USB sticks are lost at UK dry cleaners alone according to a survey by security firm Credant Technologies.
BlockMaster puts the global figure of lost USB sticks at around 20 million.
Security is also still low on business laptops with 90% of those sent for data retrieval not having any form of encryption, according to IT services firm Kroll Ontrack.
This shows Lothian and Borders Police is not alone in failing to recognise the value of encryption, said Robert Winter, chief engineer of data recovery at Kroll Ontrack.
"Given the volume of data lost on removable media, it is clear the lessons about the vulnerability of USB sticks and laptops have not been learned," he said.