Only 10% of UK city councils are using data encryption to protect sensitive data on laptop computers, research has found.
This means 90% of councils cannot guarantee that data held on mobile devices is protected, according to a survey of 40 councils by network services firm Telindus.
Although nearly half said they had responded to recent data leakage incidents by reviewing or rolling out new security technologies, 43% have no plans to upgrade their data protection.
The city councils that are not upgrading their data protection rely on password authentication and data security guidelines which state that sensitive data must not be transferred to laptops.
Despite low levels of data protection, 92% of the councils polled enable staff to connect to the council network from remote locations.
Mark Hutchinson, managing director of Telindus, said as mobile working becomes more popular, the vast majority of the public and private sector still needs to catch up to this data security risk.
"Relying on old security measures in a modern working environment is short-sighted and foolhardy," he said.
According to Hutchinson, even though encryption protects data against opportunist thieves, there is no way of knowing if the encryption method has been cracked.
"Councils must think beyond encryption when reviewing their security measures and consider installing a 'track and kill' device on all laptops to tackle the threat of data leakage," he said.
The technology lets organisations track their laptops through 3G communication and allows the IT department to access the device after it is lost or stolen and remove data even if the device is off.