Germany leads Europe for USB drive data security, UK and France lag behind

Research reveals nearly two-thirds of European organisations have suffered the loss of confidential data due to missing USB Flash drives   

·         A Kingston Technology and Ponemon Institute survey finds public and private sector organizations in Germany, Switzerland, Netherlands and the Nordic nations do more to manage the security of data held on USB Flash drives than those in the UK, France and Poland.

·         Organizations believe security is paramount, but don’t follow through with appropriate USB drive security policies.

·         Employees are often negligent of potential USB drive security issues, putting sensitive company data at risk.

Sunbury-on-Thames, UK – 08th December 2011 – Kingston Digital Europe Ltd, an affiliate of Kingston Technology Company Inc., the independent world leader in memory products, today announced the results of a study conducted by the Ponemon Institute in seven European countries to better understand how organisations manage the security and privacy requirements of data collected and retained on USB drives. The study confirms that many organisations are ignoring the risk of unencrypted USB drives and are not following through with appropriate USB security policies. The research also denotes marked differences in the approach and implementation of USB drive security from country to country.

The European study, an extension of an earlier study conducted in the United States, confirms the pressing need for organisations to adopt more secure USB products and policies. A total of 3,204 IT practitioners with an average of 10.75 years of IT or IT security experience in the United Kingdom, France, Germany, Nordics, Netherlands, Switzerland and Poland, were surveyed and all acknowledged the importance of USB drives from a productivity standpoint. Across Europe, 71 percent of respondents confirmed that their companies do not have the technologies to prevent or quickly detect the download of confidential data onto USB drives by unauthorized individuals.  The statistic shows most organisations are ignoring the risks of using unencrypted USB drives, resulting in most companies – 62 percent of those questioned – having suffered a loss of confidential or sensitive data because of missing USB drives in the last two years.

When comparing individual European countries, perceptions and practices about the importance of USB security is highest in Germany – with 62 percent agreeing that their organisation has an adequate USB security policy in place to prevent employee misuse. On the contrary, France and Poland are most at risk as a result of employees’ practices – 85 percent of respondents in France and 83 percent in Poland say that employees use USB drives without obtaining advance permission to do so.

Evidence of widespread compromise is apparent:

·         75 percent of respondents say employees in their companies are using USB drives without obtaining advance permission to do so.

·         A staggering 63 percent of respondents confirmed employees lose USB drives without notifying appropriate authorities all the time or very frequently.

·         France, UK and Poland have the highest rate of data breach as a result of a missing USB drives.

“At Kingston we believe a lack of oversight, education and corporate confusion are factors that lead to the overwhelming majority of data loss when it comes to USB Flash drives,” said Jim Selby, European Product Marketing Manager at Kingston Technology. “Organisations fear that any attempt to control a device like a USB is likely to be futile and costly, both in terms of budget and loss of productivity. However, a simple analysis of what a company needs and the knowledge that there is a range of easy-to-use, cost-effective, secure USB Flash drive solutions can go a long way toward enabling organisations and their employees to get a handle on the issue.”

“This survey has made it clear that attitudes toward USB security differ across Europe, but the overall findings underline how many organizations still lack rigorous and secure USB data protection policies, thus leaving a huge hole in corporate security strategies,” said Dr. Larry Ponemon, CEO of the Ponemon Institute. “Rarely a month goes by without another ‘confidential data lost on a USB drive’ story being reported in the press, so we hope the results of our survey acts as a wake-up call for European organisations.”

The survey was commissioned by Kingston Technology and conducted by the Ponemon Institute in September 2011 in the UK, Germany, France, Poland, Switzerland, Netherlands and the Nordic countries (Finland, Norway, Denmark, Iceland and Sweden). Each respondent averaged more than 10 years’ IT or IT security experience.

The full report can be downloaded from the Kingston Web site.

About Ponemon Institute
The Ponemon Institute© is dedicated to advancing responsible information and privacy management practices in business and government. To achieve this objective, the Institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations in a variety of industries.

About Kingston Digital, Inc.
Kingston Digital, Inc. (“KDI”) is the Flash memory affiliate of Kingston Technology Company, Inc., the world’s largest independent manufacturer of memory products. Established in 2008, KDI is headquartered in Fountain Valley, California, USA. For more information, please call +44 (0)1932 738888 or visit www.kingston.com/europe