 |  |  |  |  |  |  |  |
FTP Security FAIL
One third of businesses totally fail to encrypt their sensitive data transfers. That's the conclusion of a new survey into file transfer security which noted the huge disparities in attitudes towards data security in general and data security during transfer. According to the 2009 File Transfer Security Survey undertaken by managed file transfer solutions developer Ipswitch, while some 82% of organisations engage in the exchange of sensitive data only 64% actually encrypt that data either when it is at rest or being transferred.
Within the engineering and heavy industry sectors only 54% of respondents reported encrypting sensitive data as part of their secure data transfer strategy, whereas when it came to health, education and government services the numbers improved to 69%. Perhaps unsurprisingly, the IT sector did better with 70% of respondents encrypting data, but not as good as professional services on 74% or the big daddy of secure data transfer which was financial services on 77.5% - although this is largely down to the presence of explicit and demanding regulations to ensure financial data is safe.
Based upon responses from more than 300 businesses ranging from media organisations, law and accountancy firms through to national and local government, schools, hospitals banks, consultants and retailers, other key findings of the report included:
Despite increasingly stringent regulation, including new rules for data protection and handling of financial data, only 6% recognise that this has presented short term implementation deadlines, whilst 49% either believe no improvements to secure transfer infrastructure are needed, or have placed improvements on hold
Referring to a record £3.3 million fine handed down by the FSA, this month, to a major financial institution, for the loss of unencrypted data, Ipswitch Vice President, Jonathan Lampe, says "we know that even big banks still fail to encrypt all transfers of sensitive financial data, we commissioned this report to examine failings in the transfer of sensitive data across all business sectors, and we are still seeing a persistent minority failing to deal with sensitive data in a secure or compliant manner."
Within the engineering and heavy industry sectors only 54% of respondents reported encrypting sensitive data as part of their secure data transfer strategy, whereas when it came to health, education and government services the numbers improved to 69%. Perhaps unsurprisingly, the IT sector did better with 70% of respondents encrypting data, but not as good as professional services on 74% or the big daddy of secure data transfer which was financial services on 77.5% - although this is largely down to the presence of explicit and demanding regulations to ensure financial data is safe.
Based upon responses from more than 300 businesses ranging from media organisations, law and accountancy firms through to national and local government, schools, hospitals banks, consultants and retailers, other key findings of the report included:
- 22% of businesses in financial services do not encrypt data transfers
- 16% are still not confident that their arrangement for transferring large files is secure
- Over a third of respondents cite secure file transfer as a ‘high priority’, 24% see it as a ‘low priority’, and a third regard price as the most important criterion when implementing it
Despite increasingly stringent regulation, including new rules for data protection and handling of financial data, only 6% recognise that this has presented short term implementation deadlines, whilst 49% either believe no improvements to secure transfer infrastructure are needed, or have placed improvements on hold
Referring to a record £3.3 million fine handed down by the FSA, this month, to a major financial institution, for the loss of unencrypted data, Ipswitch Vice President, Jonathan Lampe, says "we know that even big banks still fail to encrypt all transfers of sensitive financial data, we commissioned this report to examine failings in the transfer of sensitive data across all business sectors, and we are still seeing a persistent minority failing to deal with sensitive data in a secure or compliant manner."
Last edited by happygeek; Sep 16th, 2009 at 7:08 am.
Similar Threads
- News Story: Media FAIL: Twitter not hacked (Network Security)
- News Story: Web forms are still the gateway to security hell (Network Security)
- The C.I.A.'s illegal business (Geeks' Lounge)
- Corporation Security with FTP (Windows NT / 2000 / XP)
- Domain Security??? (Linux Servers and Apache)
- Zone Alarm Security Alerts. (Viruses, Spyware and other Nasties)
- SAMBA --> XP problem (*nix Software)
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Related Forum Features
Latest Network Security Posts
- Today's Posts
- Unanswered Threads
advertising age amd apple avatar bluegene botnet browser business cellphone censorship china chips copyright crime data database development dos downloads economy email encryption energy enterprise europe facebook firefox gadget games gaming google government hacker hacking hardware ibm ibm.news intelibm internet iphone ipod itunes law legal linux mac malware marketing mcafee medicine memory microsoft mobile mozilla music news openoffice opensource os pc phishing piracy politics porn privacy ps3 recession redhat report research russia search security sex socialnetworking software spam sun supercomputer supercomputing survey technology trends trojan twitter ubuntu uk video virus vista web windows windows7 working worm x86 xbox yahoo youtube
