Emerald Business Systems Blog


Study Finds Protecting Credit Card and Patient Data Drives IT Spending Yet Most Organizations Still at Risk

Posted in Uncategorized by ebs4pos on October 30, 2009
Tags:

Home
Business & Finance
News
U.S.
Politics
International
Technology
Entertainment
Sports
Lifestyle
Oddly Enough
Health
Science
Special Coverage
Video
Pictures
Your View
The Great Debate
Blogs
Weather
Reader Feedback
Do More With Reuters
RSSRSS Feed
Widgets
Mobile
Podcasts
Newsletters
Your View
Make Reuters My Homepage
Partner Services
CareerBuilder
Affiliate Network
Professional Products
Support (Customer Zone)
Reuters Media
Financial Products
About Thomson Reuters
Study Finds Protecting Credit Card and Patient Data Drives IT Spending Yet Most Organizations Still at Risk
Tue Oct 20, 2009 9:15am EDT

Email | Print |
Share
| Reprints | Single Page
[-] Text [+]
Featured Broker sponsored link

Study Finds Protecting Credit Card and Patient Data Drives IT Spending Yet
Most Organizations Still at Risk
Less than half encrypt backup tapes, full disks and databases while nearly 20
percent said they would wait for a data breach before they encrypt tapes

SAUSALITO, Calif., Oct. 20 /PRNewswire/ — Trust Catalyst, a research firm
helping companies build data protection strategies that strengthen customers’
trust — today announced the findings of its second annual 2009 Encryption and
Key Management Benchmark Report which surveyed more than 600 IT security
professionals and was sponsored by Thales.

The study found 41 percent surveyed encrypt backup tapes, 43 percent encrypt
databases and 49% encrypt full disks, despite the growing number of new
industry, state and national data protection regulations. While participants
indicated the protection of health care and credit card data was driving
future IT spending, 19 percent said they would wait for a data breach before
they would encrypt tapes. This data left unprotected in databases and backup
tapes causes these organizations to be at higher risk for a data breach.

The study revealed the primary obstacles preventing organizations from
encrypting these applications were due to concerns about cost and data
availability. Once data is encrypted, participants fear they could lose this
data or it would not be available when it was needed causing a business
disruption even though twice as many surveyed admitted to a data breach than
losing data because of a lost encryption key.

“Given the nature of new data breach regulations, organizations no longer have
the luxury of time to wait and encrypt credit card and healthcare data because
of data availability concerns,” said Kimberly Getgen, Principal of Trust
Catalyst. “With less than 50 percent of participants encrypting backup tapes
and nearly 20 percent of respondents saying it would take the pain of a data
breach to get their organization to reverse their decision, too many
organizations, customers and patients are needlessly at risk.”

Here are some of the study’s key findings:

— Patient and Credit Card Data Protection Drives IT Budgets. 53.9
percent
indicated they were allocating budget for PCI DSS, 28.9% for HIPAA and
22.4% for the EU Data Privacy Directive. HIPAA was the number one
allocator of new budgets for US participants.
— Cost of encryption remains top concern. Participants express that
cost
remains the single most important factor preventing data that “should”
be encrypted from being encrypted. Over half cited the cost of the
encryption solution (26%) or the cost of managing the encryption
solution (25%) as their primary obstacles for being able to bring
encryption into their organizations where it is needed most.
— Operational concerns delaying encryption projects. The decision to
postpone encryption is often because operational efficiencies like
availability of data and performance are seen as more important than
data protection. For example, when asked specifically about what was
preventing them from encrypting databases, it was the complexity of
managing keys that was identified as the primary obstacle preventing
participants from encrypting backup tapes (24%). Here, participants
said availability was far more important than confidentiality.

— Cloud computing not ready for prime time. 52.1 percent of
participants
cite data security concerns as being the number one barrier preventing
their organization from adopting cloud computing. 42.6 percent of
survey participants said they were not currently planning on moving to
the cloud while another 46.5% said they would wait until data is
encrypted before moving. 58.8 percent said they would want to manage
their own encryption keys if encrypted data was moved to the cloud.

The full 2009 Encryption and Key Management Benchmark report can be downloaded
from http://www.trustcatalyst.com/2009EncryptionSurvey.php

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: