News Feature | March 4, 2016

Employee Banking Data, Personal Information At Risk

Christine Kern

By Christine Kern, contributing writer

Employee Data At Risk

Businesses face ongoing security challenges as they fail to fully engage encryption.

Businesses are falling short on security goals as they fail to fully engage encryption technology, leaving employee banking data and other personal information at risk according to a new survey from global network and endpoint security provider Sophos.

The State of Encryption Today survey polled 1,700 IT decision makers in six countries about their encryption habits, concerns, and plans.

Chief among the findings is while great efforts are often made to secure customer data, employees’ data is not afforded the same protection,  putting employees at risk.  In fact, private employee information that includes banking details, human resources files and health-care records remain vulnerable. While many companies prioritize the security of their customers’ data, employees are not protected on the same level.

The survey revealed that employee banking details stored by companies are not encrypted, according to 31 percent of companies, and that nearly half (47 percent) fail to encrypt employee health-care information.

And company data also remain at risk, with 30 percent of respondent organizations reporting they fail to always encrypt their corporate financial information, and 41 percent inconsistently encrypt files containing valuable intellectual property. And the percentage is higher in the United States, where 62 percent of organizations cited the need to secure proprietary data as a key driver to encryption.

“Data breaches happen to large and small companies every day, and the last line of defense against that breach turning into a corporate crisis is a comprehensive data encryption policy,” said Dan Schiappa, senior vice president and general manager of End-user Security at Sophos. “While it is the customer data breaches that hit the headlines, companies have the same obligation to protect sensitive employee data, and they should not overlook it.”

While organizations recognize the need for stronger encryption adoption, budgets, performance concerns and lack of deployment knowledge stand as barriers to greater use.

“The State of Encryption Today survey confirms that while encryption is widely used and accepted by businesses, it also highlights critical gaps,” Schiappa said. “Unfortunately, I am not surprised by the findings because too many people mistakenly believe that encryption is too complicated or too expensive to implement. The reality is that modern, next-generation encryption solutions can be easy to deploy and quite cost-effective.”

The survey polled 1,700 IT decision makers from mid-sized businesses across the United States, Canada, India, Australia, Japan, and Malaysia regarding encryption habits, concerns, and plans.