UK businesses failing in e-crime protection

DTI survey shows increased corporate investment but lack of adequate security

Written by Daniel Thomas

Computing, 15 Mar 2006

Just one per cent of UK companies are taking all the necessary measures to prevent computer crimes within their organisation, according to a government IT security survey released today.

The Department of Trade and Industry’s (DTI) biennial Information Security Breaches Survey for 2006 shows that, despite increased investment, most companies lack sufficient identity and access management systems to guard against internal fraud and intellectual property theft.

Among large companies there was a small increase in security incidents, with insufficient identity and access management providing employees at one in five of these firms with unauthorised access to sensitive information.

‘Uptake in identity management is still fairly piecemeal, and even the adoption of single pieces isn’t good enough,’ said Andrew Beard, director at PricewaterhouseCoopers, which conducted the survey on behalf of the DTI.

As well as financial loss, unauthorised access to customer databases and intellectual property can damage a company’s reputation and even its share prices, says the report.

Part of the problem is that 80 per cent of businesses rely solely on passwords rather than adopting stronger forms of identity, such as tokens or biometrics, to secure business-critical applications and databases.

In large firms 70 per cent of employees have to remember between two and six passwords to access systems, which can lead to some staff writing them down.

‘It is worrying that firms are using just passwords. We know how crackable passwords are and how easy it is to get people to give them out through social engineering tactics, yet firms still rely on them,’ said Beard.

But Andrew Yeomans, vice president of information security at Dresdner Kleinwort Wasserstein, says identity and access management depend as much on business processes as on IT.

‘Companies need to make appropriate risk-based judgements, and must remember that convenience and the usability of systems is part of that.’

The full report will be released at InfoSecurity Europe in London in April.

What do you think? Email us at: mailto:feedback@computing.co.uk

Tags:

reader comments

related articles

 
Internet

Poor password practice putting users at risk

Security still playing second fiddle to convenience, warns Gartner 25 Feb 2009

Communications

Infosec 2009: Better incentives required to stop data loss

Panel discussion highlights confusion, laxity and a lack of co-ordination 29 Apr 2009

Management

Analysis: Experts discuss security in a recession

Benchmarking study highlights where firms are failing 27 Feb 2009

related whitepapers

today's top stories

Communications

How to maximise the value of your IT networking investment

A panel of experts discuss networking strategies that deliver real value to business 03 Jul 2009

Internet

Habitat gets a web site makeover

The furniture retailer is revamping its online presence to provide a fully transactional web site. CIO Jacques Dekock explains why 02 Jul 2009

Public Sector

Government aims to bolster UK's cyber defences

Is the UK’s first national cyber security strategy up to the task of co-ordinating the country’s response to digital threats? Computing investigates 02 Jul 2009

Management

Focus resources on what really matters

IT has become too caught up in the drive for efficiency, at the expense of business success 02 Jul 2009

Management

From tracks man to tax man

Phil Pavitt, outgoing chief information officer for Transport for London, talks to Rosalie Marshall about the lessons he will take to his new role at HMRC 02 Jul 2009

> More news

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

More available - click 'submit' to view

Existing User

Newsletter user login:

Advertisement

Jobs

Related jobs

Job of the week

> More IT vacancies

Job alerts

  • Latest jobs to your inbox
Sign up here

Find your next job

IT Salary Checker

  • Are you being paid what you are worth?
Check salary here

Advertisement

White papers

Search white papers

Top categories

VPN, Extranet and Intranet Solutions

WAN/ LAN Solutions

Network Security

Interoperability-Connectivity

Grid/ Utility Computing

Latest poll

Would you use social networking sites to look for a job?

Would you use social networking sites to look for a job?

Tell us what you think about job hunting through LinkedIn, Facebook, Twitter etc

View poll results

> More polls

Latest audio and video articles

network cablesVideo

How to maximise the value of your IT networking investment

A panel of experts discuss networking strategies that deliver real value to business 03 Jul 2009

green footprintsVideo

How to manage enterprise energy use - and the role IT can play

A panel of experts explore how firms can get to grips with their carbon footprint and make smarter use of energy 01 Jul 2009

> More audio and video

Latest in-depth articles

Phil PavittAnalysis

From tracks man to tax man

Phil Pavitt, outgoing chief information officer for Transport for London, talks to Rosalie Marshall about the lessons he will take to his new role at HMRC 02 Jul 2009

UPS worker making a deliveryAnalysis

Global standardisation delivers benefits at UPS

Delivery giant sees benefits of central IT solution 02 Jul 2009

> More in depth articles

Advertisement

Primary Navigation