This survey report summarizes the findings of a survey conducted by iGov Survey in partnership with Druva regarding data encryption and security strategies used by local government organizations in the UK. The key findings include:
- Over half of participants were confident in their ability to secure data, but less than 20% were very confident in user compliance.
- Nearly all organizations had some staff using mobile devices for work, but less than a third used cloud applications.
- Just 30% reported full awareness of new EU data laws, and over half said more research was needed before developing strategies to comply.
- Nearly half believed having a clearer understanding of compliance risks would benefit their organization.
To use Twitter to its fullest potential for public communications, emergency management, and other functions, law enforcement agencies must first understand the medium -- not only how
citizens use it, but also how their peers use it both officially and unofficially. This study, a survey of 1,089 police and police-related Twitter accounts, used 25 different criteria to show how agencies and officers are using Twitter, where they can improve, and implications for their future use.
The past few years have seen an explosion of cyber attacks, and with the 2015 OPM breaches underscoring the vulnerability of government data, agencies are racing to implement proactive, holistic cybersecurity measures. In order to measure changing federal perceptions and experiences regarding the present threat landscape, Government Business Council (GBC) and Dell conducted an in-depth research survey as a follow-up to a previous June 2014 GBC study.
All product and company names mentioned herein are for identification and educational purposes only and are the property of, and may be trademarks of, their respective owners.
Enterprise Encryption and Authentication Usage: Survey ReportEchoworx
Enterprise Encryption and Authentication Usage: A Survey Report contains the findings of market research conducted on behalf of Echoworx by Osterman Research.
The study polled the views IT decision makers and influencers, managing on average 14,000 email users per organization, to assess the adoption of encryption technologies in email for communicating sensitive and confidential records.
Infographic: Symantec Healthcare IT Security Risk Management StudyCheapSSLsecurity
Cybersecurity in Healthcare: While Cyberattacks and data breaches are rising across industries, healthcare is lagging behind in cybersecurity investment.
To use Twitter to its fullest potential for public communications, emergency management, and other functions, law enforcement agencies must first understand the medium -- not only how
citizens use it, but also how their peers use it both officially and unofficially. This study, a survey of 1,089 police and police-related Twitter accounts, used 25 different criteria to show how agencies and officers are using Twitter, where they can improve, and implications for their future use.
The past few years have seen an explosion of cyber attacks, and with the 2015 OPM breaches underscoring the vulnerability of government data, agencies are racing to implement proactive, holistic cybersecurity measures. In order to measure changing federal perceptions and experiences regarding the present threat landscape, Government Business Council (GBC) and Dell conducted an in-depth research survey as a follow-up to a previous June 2014 GBC study.
All product and company names mentioned herein are for identification and educational purposes only and are the property of, and may be trademarks of, their respective owners.
Enterprise Encryption and Authentication Usage: Survey ReportEchoworx
Enterprise Encryption and Authentication Usage: A Survey Report contains the findings of market research conducted on behalf of Echoworx by Osterman Research.
The study polled the views IT decision makers and influencers, managing on average 14,000 email users per organization, to assess the adoption of encryption technologies in email for communicating sensitive and confidential records.
Infographic: Symantec Healthcare IT Security Risk Management StudyCheapSSLsecurity
Cybersecurity in Healthcare: While Cyberattacks and data breaches are rising across industries, healthcare is lagging behind in cybersecurity investment.
All product and company names mentioned herein are for identification and educational purposes only and are the property of, and may be trademarks of, their respective owners.
Data Breach Insurance - Optometric Protector Plansarahb171
The Optometric Protector Plan offers malpractice, professional liability and business insurance for Optometrists, Ophthalmic Technicians and Students. Here is the 2014 Data Breach Industry Forecast.
2017 hospital networks: perspectives from four years of the individual exchangesMcKinsey on Healthcare
An analysis of the indivdual market health plans being offered across the U.S.reveals that the trends toward narrowed hospital networks and managed care continue.
The Federal Government's Track Record on Cybersecurity and Critical Infrastru...- Mark - Fullbright
All product and company names mentioned herein are for identification and educational purposes only and are the property of, and may be trademarks of, their respective owners.
Tablets adoption and Mobile Web Usage :in Central euopeSumit Roy
Mobile devices are rapidly becoming the primary medium to access the
Internet across all age groups in Germany, Austria, and Switzerland. In
a world brimming with smarter smartphones, tablets, notebooks, and
other affordable Web-enabled mobile devices, and powered by better
network coverage, faster broadband connections
Canadian Clearinghouse on Cyberstalking NCFTA PresentationRandyMcCall
An introduction to the Clearinghouse project, including: a statistical view of cyberstalking in Canada; and common victim and offender characteristics; the common ways of resolving harassment; a view of our objectives and goals; and specific features the final Clearinghouse web site will possess.
Report on data breach and privacy in nepal during covid19 by shreedeep rayamajhiShreedeep Rayamajhi
This Report highlights finding of present crisis situation of COVID19 which has pressured different sectors with various issues and challenges directly affecting the technological and physiological behavior of users. These behavioral and psychological changes are subjected to the values and condition of individual users and their presence of mind. This has hugely impacted and questioned the current status of Cyber security situation in developing nations. This report is subjective to the case study done in context of Nepal during the COVID19 where the number of cases of data breach and hacking extensively increased.
Sharing the blame: How companies are collaborating on data security breaches, is an Economist Intelligence Unit research project, sponsored by Akamai Technologies, exploring the ways in which organisations are collaborating to deal with the disclosure of data security breaches. How are they co-operating with governments, other companies and third parties in areas such as requirements for the public disclosure of such breaches? Do they have consistent cyber security policies? To what extent are they sharing best practices?
How to register with Udyomitra? Registration is made as simple as possible at Udyomitra. It takes just a few minutes to create a complete quality filled profile with us. Follow the steps explained in the slide and get into Udyomitra Professional Network.
All product and company names mentioned herein are for identification and educational purposes only and are the property of, and may be trademarks of, their respective owners.
Data Breach Insurance - Optometric Protector Plansarahb171
The Optometric Protector Plan offers malpractice, professional liability and business insurance for Optometrists, Ophthalmic Technicians and Students. Here is the 2014 Data Breach Industry Forecast.
2017 hospital networks: perspectives from four years of the individual exchangesMcKinsey on Healthcare
An analysis of the indivdual market health plans being offered across the U.S.reveals that the trends toward narrowed hospital networks and managed care continue.
The Federal Government's Track Record on Cybersecurity and Critical Infrastru...- Mark - Fullbright
All product and company names mentioned herein are for identification and educational purposes only and are the property of, and may be trademarks of, their respective owners.
Tablets adoption and Mobile Web Usage :in Central euopeSumit Roy
Mobile devices are rapidly becoming the primary medium to access the
Internet across all age groups in Germany, Austria, and Switzerland. In
a world brimming with smarter smartphones, tablets, notebooks, and
other affordable Web-enabled mobile devices, and powered by better
network coverage, faster broadband connections
Canadian Clearinghouse on Cyberstalking NCFTA PresentationRandyMcCall
An introduction to the Clearinghouse project, including: a statistical view of cyberstalking in Canada; and common victim and offender characteristics; the common ways of resolving harassment; a view of our objectives and goals; and specific features the final Clearinghouse web site will possess.
Report on data breach and privacy in nepal during covid19 by shreedeep rayamajhiShreedeep Rayamajhi
This Report highlights finding of present crisis situation of COVID19 which has pressured different sectors with various issues and challenges directly affecting the technological and physiological behavior of users. These behavioral and psychological changes are subjected to the values and condition of individual users and their presence of mind. This has hugely impacted and questioned the current status of Cyber security situation in developing nations. This report is subjective to the case study done in context of Nepal during the COVID19 where the number of cases of data breach and hacking extensively increased.
Sharing the blame: How companies are collaborating on data security breaches, is an Economist Intelligence Unit research project, sponsored by Akamai Technologies, exploring the ways in which organisations are collaborating to deal with the disclosure of data security breaches. How are they co-operating with governments, other companies and third parties in areas such as requirements for the public disclosure of such breaches? Do they have consistent cyber security policies? To what extent are they sharing best practices?
How to register with Udyomitra? Registration is made as simple as possible at Udyomitra. It takes just a few minutes to create a complete quality filled profile with us. Follow the steps explained in the slide and get into Udyomitra Professional Network.
We are a reputed organization engaged in manufacturing of Ladies Dress. Not only the aesthetic embroidery, elegant designs but attributes like smooth texture, vibrant color, neat stitching and fine finishing are also appreciated by our customers.
Learn about key trends facing the mobile forensics industry this year, including growing device and data backlogs, cloud-based data, and how to manage large quantities of data from multiple disparate sources.
Envisioning IC ITE: The Next Generation of Information SharingGov BizCouncil
It’s 2016, and the U.S. Intelligence Community (IC) is seeking to unlock greater levels of effectiveness by implementing the IC Information Technology Enterprise (IC ITE), a common platform dedicated to enhancing integration, information sharing processes, and security across agencies. In order to learn more about the current state of the intelligence environment, Government Business Council (GBC), Harris, and the Intelligence National Security Alliance (INSA) surveyed government leaders from the intelligence community.
MEF Global Consumer Trust Report.
The study explores the key areas of trust, privacy, transparency and security to identify their impact on mobile consumers globally from purchasing a new device to downloading apps or paying for goods and services.
How do dutch non profit organizations embrace information technologyPascal Dijkman
Great start of NetSquared, a program of TechSoup meetup in Amsterdam. So much can be done with #Tech4Good. Find TechSoup NL report highlights here https://goo.gl/nPP9jG.
Many applications on smart Phones can use various sensors embedded in the mobiles to provide users’ private information. This can result in a variety of privacy issues that may lessening level of mobile apps usage. To understand this issue better the researcher identified the root causes of privacy concerns. The study proposed a model identifies the root causes of privacy concerns and perceived benefits based on our interpretation for information boundary theory. The proposed model also addresses the usage behavior and behavioral intention toward using mobile apps by using the Theory of Planned Behavior. The result shows that “Cultural values” alone explains 70% of “Perceived privacy concerns” followed by “Self-defense” which explains around 23% of “Perceived privacy concerns”, and then “Context of the situation” with 5%. Whereas, the findings show that “Perceived effectiveness of privacy policy” and “Perceived effectiveness of industry self-regulation” both are factors which have the ability to reduce individuals “Perceived privacy concerns” by 9% and 8% respectively.
For more information, please visit: http://bit.ly/1PCZc0T
Cloud services, big data analytics and the Internet of Things can transform the public sector. While the opportunities appear to be innumerable, restricted primarily by finite budgets, barriers to adoption commonly emerge in three areas: quality of infrastructure, legal framework and skills. Comprehensive coverage and bandwidth are important infrastructure requirements but cost of access can impede take-up, a problem which countries can potentially manage by reducing entry barriers in their telecommunications sector. Facilitating adoption requires clear rules relating to data collection, storage, sharing, privacy and security.
In a survey of 360 executives conducted for the report, those who believe that national data privacy regulation is a benefit outnumber those who say it is a burden by 3 to 2 (cited by 33% and 20% respectively).
The results, however, do depend on local context. In Singapore almost one-half (48%) of executives say regulation is a benefit while the equivalent number in Hong Kong is less than half of that (22%).
These are among the key findings of Finding their way: Corporates, governments and data privacy in Asia, which examines the views of business on data privacy regulation in the region. The report was sponsored by SafeNet.
Overall, only one-third (33%) of Asian executives agree that data privacy regulations limit corporate opportunities, but again the numbers vary according to jurisdiction.
For instance, almost twice as many executives in Singapore (42%) believe current policies are a barrier to growth as in India (22%). It is likely that perceived levels of enforcement within countries play a role as companies in a weak environment may take advantage of this at the expense of consumers. In fact, three-quarters (75%) of Indian executives say consumers in their country don’t seem to care about data privacy, which encourages aggressive companies to take risks.
Just 59% of Asian executives believe government regulators in their country have a high level of knowledge about data privacy regulations. In India only 38% of executives cite a high level of awareness among regulators.
Similar to Encrypting User Data in Local Government 2016 (20)
3. The Survey
The protection of data is paramount right across the public sector, but as the public face
of government, local authorities are under increasing pressure to maintain the trust of the
public by ensuring that their citizens’ information is effectively safeguarded.
At the end of last year, the Information Commissioner’s Office (ICO) published an
analysis of ‘Data security incident trends’ , which considered a study of the recent data1
security incidents under their consideration.
It found that during the second quarter of the 2015/16 year (July to September 2015),
despite being the second most ‘prevalent’ sector in terms of data breaches, Local
Government accounted for just 11% of the total number of cases at the time (559). Yet as
local government is not currently mandated to alert the ICO to data breaches, there
could still be many that go unreported. The study also notes that the healthcare was by
far the worst offender, which could in part be attributed to the sensitivity of the data
processed by these organisations, the sheer size of the sector, and a recent move by the
NHS which now makes it mandatory to report incidents.
In the case of Local Government, the study does note that there has been a marginal
improvement since the third quarter of 2014/15 (October to December 2014) over the
course of the 2015/16 year. Yet it also warned that, in comparison to the first quarter of
this financial year, there had been a 27% increase.
The biggest issue was found to be the loss and/or theft of paperwork, which accounted
for a fifth of all incidents in this sector.
While Local Government continues to battle through a period of tight budget constraints,
protecting sensitive information must remain a top priority. Citizens are now looking to
their local authorities to safeguard their data in a time of increased digital connectivity
and transparency. This means that the strategies put in place to allow authorities to meet
the challenge of generating more efficient ways of working - often through the use of
new technologies such as mobile and cloud - must also be balanced with effective
security.
In light of this issue, iGov Survey have recently partnered with the fastest growing cloud-
based data protection provider, Druva, to further understand the barriers and benefits
this challenge brings to Local Government.
With large amounts of data now being stored in various locations such as endpoints and
the cloud, Druva and iGov launched a research project to examine the data security and
encryption strategies currently in place across the sector. It looked at the use of mobile
devices, as well as online and Cloud applications, and the security concerns that were
raised due to the use of these technologies. Finally, it also considered the impact of data
legislation put in place by government, and the bearing it has on the strategies currently
being used.
https://ico.org.uk/action-weve-taken/data-security-incident-trends/1
Page of3 15 Encrypting User Data in Local Government 2016
4. Survey Methodology and
Respondents Profile
This survey was conducted by iGov Survey in collaboration with Druva, and ran from 3rd
November 2015 to 21st December 2015. iGov Survey, a research body comprising of an
independent team of public sector experts, partnered with Druva on the project and all
views and results expressed within this report are from iGov’s impartial view point unless
explicitly stated otherwise.
Survey respondents represent a broad cross-section of seniority levels across Local
Government organisations, and job roles across IT departments, Corporate Services, and
at a Chief Executive/Deputy level.
84 individuals participated from 70 unique organisations across local authorities, each of
whom will have received a complimentary copy of the findings report. There was no
inducement to take part, and Druva was not introduced as the survey partner.
The results displayed throughout this report are based on those who fully completed the
questionnaire and are displayed as a percentage unless otherwise stated.
Page of4 15 Encrypting User Data in Local Government 2016
Borough
City
County
District
Metropolitan
Unitary
0 10 20 30
Sector Breakdown: Local Council Types
5. Key Findings
Over half of participants (59%) are ‘very confident’ in their
organisation’s ability to secure sensitive data on end-user
devices
However, confidence among the majority of this group drops when asked if they believe
their end-users comply with data protection laws. Just 18% remained ‘very confident’,
whilst over half were ‘somewhat confident’ (63%).
Page of5 15 Encrypting User Data in Local Government 2016
0 25 50 75 100
Very confident Somewhat confident Not very confident
Not at all confident
Our organisation is able
to secure sensitive data
on end-user devices
Our end-users fully
comply with data
security policies
Question: How confident are you in the following:
6. Almost all of our survey participants stated that at least a
small proportion of their staff had access to a mobile
device for work purposes (93%)
This was supported by 83% who said they had a Mobile Device Management solution
deployed within their organisation.
Of those who stated that at least a small proportion of their staff had access to a mobile
device for work purposes, nearly a third (29%) stated that this applied to 11-25%, whilst a
further 14% told us more than 75% of their work force had access.
Page of6 15 Encrypting User Data in Local Government 2016
7%
62%
31%
Yes
No
Don't know
Question: Do you currently have a Mobile Device
Management solution deployed for mobile devices across
your organisation?
More than 75%
51 - 75%
26 - 50%
11 - 25%
1 - 10%
0%
Don't know
0 10 20 30
Question: What percentage of your staff currently uses or has access to a mobile device for
work purposes?
7. Nearly two-thirds of participants stated they did not use
cloud applications within their organisation (62%)
Despite the growing use of Cloud technology, and an awareness of the benefits this can
bring to Local Government, just 31% told us that they used these applications within their
organisations.
Yet interestingly, of the 30% who do make use of cloud applications, only a small
minority (31%) are able to monitor what sensitive data is accessed by end-users through
these applications. In addition, a further 28% did not know whether this was possible or
not.
Page of7 15 Encrypting User Data in Local Government 2016
7%
62%
31%
Yes
No
Don't know
Question: Currently, does your organisation use cloud
applications such as Office 365 or Dropbox?
42%
28%
30%
Yes
No
Don't know
Question: Are you able to monitor the sensitive data
accessed by end-users through these applications?
8. Just 30% of survey participants reported that they had ’full
awareness’ of new data laws soon to be introduced by the
EU under the General Data Protection Regulation (GDPR)
A further 59% reported having a limited awareness of the new data laws, whilst 11% told
us they had no awareness of the new laws at all.
Encouragingly, just under a third (31%) told us they were already planning further
development to meet the requirements of the new data laws. In contrast, over half (53%)
said that more research was needed into what these new laws entail before their
organisation conducted any development within their data security and protection
strategies.
Page of8 15 Encrypting User Data in Local Government 2016
11%
59%
30%
Yes - I am fully aware of this
Yes - I have a limited awareness of this
No
Question: Are you aware of the new data laws soon to be
introduced by the European Union under the General Data
Protection Regulation (GDPR)?
13%
3%
53%
31%
Yes
We need to do more research into what this entails
No
Don't know
Question: Is your organisation planning any development
within your data security and data protection to meet these
new requirements?
9. Almost half (47%) also believe that further understanding
of compliance risks would be beneficial to their
organisation
Just 28% of surveyed organisations felt that they didn’t currently require any further
knowledge of data protection, whilst a further 17% felt their organisation needed to
develop a better understanding of how to secure sensitive data to update their strategy
in line with new technologies.
Page of9 15 Encrypting User Data in Local Government 2016
0 10 20 30 40 50
Question: To what extent do you think having a clearer understanding of compliance risk on end-
user systems would benefit your organisation?
I feel our organisation needs a better
understanding of how to secure
sensitive data to update our strategy
in line with new technologies
Further understanding would be
beneficial to us as we review our data
protection strategy
We don’t feel any further knowledge
of data protection is required at this
time
Other - please specify
Don’t know
10. Conclusion
by Rick Powles, Senior Vice President at Druva EMEA
With large amounts of data now being stored in various locations such as endpoints and
Cloud applications, organisations are challenged to keep up with evolving security
threats and technology to ensure that sensitive information is protected at all times. New
privacy laws also strain organisations who may not understand what is required or have
the tools in place to ensure compliance. This survey examined the data security and
encryption strategies currently in place along with provided insights into the barriers and
benefits that new technologies and legislations bring to Local Government organisations.
Fortunately, organisations in the public sector recognise the need to better understand
the impact that these challenges have on their existing data protection strategy.
Additionally, they understand that the lack of visibility into sensitive data in the cloud
poses a threat. Protecting sensitive information must remain a top priority for local
governments as well as staying informed of not only changes in legislation but tools that
can better equip them for the future.
Page of10 15 Encrypting User Data in Local Government 2016
11. Appendix 1: Full Survey Questions
Page of11 15 Encrypting User Data in Local Government 2016
Grid Question: How confident are you in the following:
Our organisation is able to secure sensitive data (such as citizen information, financial
records, housing data, etc) on end-user devices
Answer Percent
Very confident 59%
Somewhat confident 34%
Not very confident 3%
Not at all confident 4%
Our end-users fully comply with data security policies
Answer Percent
Very confident 18%
Somewhat confident 63%
Not very confident 13%
Not at all confident 6%
Question: What percentage of your staff currently uses or has access to a mobile device
for work purposes?
Answer Percent
0% 0%
1 - 10% 3%
11 - 25% 29%
26 - 50% 27%
51 - 75% 20%
More than 75% 14%
Don’t know 7%
Question: Do you currently have a Mobile Device Management solution deployed for
mobile devices across your organisation?
Answer Percent
Yes 83%
No 7%
Don’t know 10%
12. Page of12 15 Encrypting User Data in Local Government 2016
Question: In terms of a percentage, how many of your organisation’s mobile devices are
encrypted?
Answer Percent
0% 3%
1 - 10% 3%
11 - 25% 1%
26 - 50% 7%
51 - 75% 8%
More than 75% 65%
Don’t know 13%
Question: On average, how many devices are damaged or lost in your organisation per
year?
Answer Percent
1 - 10 42%
11 - 20 13%
21 - 30 7%
More than 30 7%
Don’t know 31%
Question: Are there any groups in your organisation most prone to losing mobile devices
or subject to theft?
Answer Percent
Frontline staff, such as administration 21%
Managers 1%
Data handlers/managers 3%
Executives 7%
Other - please specify 14%
Don’t know 54%
Question: Currently, does your organisation use Cloud applications such as Office 365 or
Dropbox?
Answer Percent
Yes 31%
No 62%
Don’t know 7%
13. Page of13 15 Encrypting User Data in Local Government 2016
Question: Are you able to monitor the sensitive data accessed by end-users through these
applications?
Answer Percent
Yes 30%
No 28%
Don’t know 42%
Question: Are you aware of the new data laws soon to be introduced by the European
Union under the General Data Protection Regulation (GDPR)?
Answer Percent
Yes - I am fully aware of this 30%
Yes - I have limited awareness of this 59%
No 11%
Question: Is your organisation planning any development within your data security and
data protection to meet these new requirements?
Answer Percent
Yes 31%
We need to do more research into what this entails 53%
No 3%
Don’t know 13%
Question: Are you looking to implement a new solution as part of these plans?
Answer Percent
Yes - within the next 6 months 27%
Yes - within the next 12 months 14%
Yes - post 12 months 9%
Yes - when the GDPR comes into effect 14%
We have no plans at this time 27%
Don’t know 9%
14. Page of14 15 Encrypting User Data in Local Government 2016
Question: To what extent do you think having a clearer understanding of compliance risk
on end-user systems would benefit your organisation?
Answer Percent
I feel our organisation needs a better understanding of how to secure sensitive data to
update our strategy in line with new technologies
17%
Further understanding would be beneficial as we review our data protection strategy 47%
We don’t feel any further knowledge of data protection is required at this time 28%
Other - please specify 4%
Don’t know 4%
15. Appendix 2: Participating Organisations
Page of15 15 Encrypting User Data in Local Government 2016
Armagh, Banbridge and Craigavon District Council
Arun District Council
Aylesbury Vale District Council
Birmingham City Council
Bracknell Forest Council
Brent Council
Buckinghamshire County Council
Cambridgeshire County Council
Central Bedfordshire Council
Chelmsford City Council
Cheshire West and Chester Council
Chesterfield Borough Council Chichester District Council
City of Bradford Metropolitan District Council
City of London Corporation
Copeland Borough Council
Cumbria County Council
Derby City Council
Derbyshire County Council
Dorset County Council
Dudley Metropolitan Borough Council
East Cambridgeshire District Council
East Hampshire District Council
Eastbourne Borough Council
Erewash Borough Council
Flintshire County Council
Forest of Dean District Council
Hampshire County Council
HerFordshire County Council
Hinckley and Bosworth Borough Council
Leeds City Council
London Borough of Hammersmith and Fulham
Manchester City Council
Medway Council
Mendip District Council
Norfolk County Council
North Lanarkshire Council
North Warwickshire Borough Council
Oxfordshire County Council
Peterborough City Council
Redcar and Cleveland Borough Council
Renfrewshire Council
Rochdale Borough Council
Runnymede Borough Council
Shetland Islands Council
Shropshire Council
Solihull Metropolitan Borough Council
South Gloucestershire Council
South Norfolk Council
South Somerset District Council
Southend on Sea Borough Council
St Helens Council
Stockport Metropolitan Borough Council
Stoke-on-Trent City Council
Sunderland City Council
Surrey County Council
Tandridge District Council
Tendring District Council
The Moray Council
Thurrock Council
Torbay Council
Trafford Council
Vale of Glamorgan Council
Warrington Borough Council
Wealden District Council
West Lothian Council
Wigan Council
Wiltshire Council
Wirral Borough Council