90% of local authorities in the UK cannot guarantee that all sensitive data held on their laptops and other computer systems is encrypted, according to a new report.
The survey, carried out by network solutions provider Telindus, comes after a series of high-profile security failings in the public sector in recent months and reveals an alarming number of councils are leaving themselves open to malicious attacks.
Whilst nearly have of all councils have reviewed their data security policies after the recent revelations of data losses although 43% have no plans to change their existing policies.
The city councils that are not upgrading their data protection technologies rely on solely on password authentication and the diligence of staff to follow data security guidelines that state that sensitive data must not be transferred to laptop computers. However Telindus claim that the 92% of the councils that allow their staff to connect to the council network from remote locations are running the risk of human error or malicious sabotage.
Commenting on the report, Telindus managing director Mark Hutchinson warned that the constant evolution of computer security threats meant that it was essential that local authorities continue to develop their IT security policies.
“Data leakage is becoming more commonplace as mobile working becomes more popular and the vast majority of the public and private sector still needs to play catch-up to this latest data security risk,” he said. “Resting on your laurels and relying on old security measures in a modern working environment is short-sighted and foolhardy.
“Encrypting data certainly helps protect data from the opportunist thief. However; there is no way of telling whether the encryption method has been compromised once in their possession.
“Councils must think beyond encryption when reviewing their security measures and consider installing a ‘track and kill’ device on all laptops.”
