Average loss from encryption-related issues is $1,24,965 per year
Security vendor Symantec released the findings of its 2011 Enterprise Encryption Trends Survey, which found enterprises are securing data with encryption in more places than ever.
On the flip side, the survey discovered that encryption solutions are fragmented, risk-ridden for organisations from the lack of centralised control of access to sensitive information and disrupting critical processes such as e-discovery and compliance monitoring. The survey found that the inability to access important business information due to fragmented encryption solutions and poor key management is costing each organization an average of $1,24,965 per year.
Symantec director product management Joe Gow said while many organisations understand the importance of encrypting their data, issues with key management and multiple point products can give them inconsistent visibility into what has been protected. He added, "As the Enterprise Encryption Trends survey demonstrates, encryption needs to evolve from a fragmented protection historically implemented at the line of business level to a capability that is managed as a core component of organizations’ IT security operations."
The survey found that 48% of enterprises increased their use of encryption over the past two years. A third of the respondents said unapproved encryption deployment is happening on a somewhat to extremely frequent basis.
It was also found that organisations are not very confident in their ability to effectively manage encryption keys. All of the organisations, which reported encryption key issues, incurred some sort of related costs, such as compliance requests (48 percent), inability to respond to eDiscovery requests (42 percent), and inability to access important business information (41 percent).