UK firms weak against ID theft, study says

Only one per cent of U.K. companies use all methods available to control access to their IT systems and prevent security problems, according to the Department of Trade and Industry (DTI).

Companies that used all identity and access management safeguards had no security incidents, according to the telephone survey of 1,000 companies. A consortium led by PricewaterhouseCoopers LLP conducted The Information Security Breaches Survey, the DTI said.

The survey’s full results will be released at the Infosecurity Europe conference in London next month.

Large companies reported only a small increase in the number of security incidents from 2004, the last time the survey was conducted. The use of strong authentication techniques, such as hardware tokens and digital certificates, have kept problems at bay, it said.

Businesses using biometric authentication methods reported fewer incidents than those using software-based tokens and certificates alone. But about 80 per cent of companies were simply using single-factor authentication such as passwords to protect data and access.

Banks led businesses in implementing two-factor authentication, as they have greater exposure to online fraud, said Chris Potter, information security assurance partner at PricewaterhouseCoopers.

Two-factor authentication can take different forms. For example, one method may require a person’s regular user name and password and then ask for an additional, one-time disposal password kept before access is granted to a banking Web site.

Most companies that aren’t using strong authentication said there is no business requirement yet to implement it, Potter said.

“Companies tend to be implementing two-factor authentication when either their risk profile is very high or they’ve had actual incidents in the past,” Potter said.

One in five of security incidents at large companies involved staff gaining unauthorized access to data. The survey said six per cent of companies suffered from phishing attacks.

Instances of fraud were low, but caused more damage than other breaches, the survey said. Some small businesses reported fraud losses of

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now