SURVEY REPORT
Conducted by Osterman Research on behalf of Echoworx
Enterprise Encryption and
Authentication Usage
©2016 Osterman Research, Inc.
Enterprise Encryption and Authentication Usage: A Survey Report
EXECUTIVE SUMMARY
Osterman Research conducted a primary market research survey on behalf of Echoworx. The goal of
the survey was to query encryption-focused decision makers and influencers in organizations of
various sizes about their organizations’ plans for the deployment of encryption technologies, two-
factor authentication and related issues. A total of 165 surveys were completed with the Osterman
Research survey panel during September 2016.
KEY TAKEAWAYS
Here are the key points we discovered in the research:
• The priority for email/message encryption in the technology stack is growing for most
organizations. Whereas email/message encryption was a “very important” or “critical” priority for
45 percent of organizations in 2015, that figure has increased to 53 percent in 2016. At the same
time, those reporting that email/message encryption is “not important” has declined from 24
percent to 19 percent during the same period.
• However, email/message encryption is used “extensively” by only 40 percent of organizations,
indicating there are still many opportunities left for expansion of the installed base of encryption-
enabled users. To expand the market, vendors will need to overcome the perception that
encryption asks too much of email recipients, that it is too difficult for senders to use, and that
encryption solutions are too expensive, among other objections.
• The proportion of organizations that have an encryption strategy has increased dramatically over
the past 12 months, from 51 percent of organizations in 2015 to 75 percent in 2016. That is
good news for the adoption of encryption technologies, since the development of an encryption
strategy generally precedes the deployment of technologies to address it.
• The primary focus of encryption continues to be external communications, but decision makers
are realizing the value of encryption across a wide range of applications, including internal
communication.
• The vast majority of organizations understand the important role of encryption as a means of
satisfying their data protection obligations and for reducing corporate risk, such as the ability for
the proper use of encryption to dramatically reduce the likelihood of a data breach. We found
that more than three-quarters of the organizations surveyed have plans to extend their data
protection capabilities using encryption.
• Most organizations view compliance and data breach prevention as the primary drivers for using
email/message encryption. In fact, of the top five reasons to use email/message encryption,
three (and, arguably, four) of the drivers are focused on addressing data breach-related issues.
The impact of well-publicized data breaches, and the increasing frequency of their occurrence,
has not been lost on decision makers.
• Decision makers are looking for an encryption solution to offer support for industry standards,
ease-of-use for mobile users, and automatic encryption capabilities, among a variety of other
features and functions. In the context of mobile email encryption, more than two-fifths of
organizations would prefer to use packaged or built-in encryption capabilities while 11 percent
would prefer custom apps, but one-third have no preference either way.
SURVEY FINDINGS
MOST ORGANIZATIONS TAKE ENCRYPTION SERIOUSLY
Encryption is an essential best practice in the context of email, file sharing and other communications
modes in which sensitive or confidential business records are shared, both within and outside of an
organization. Fortunately, that is a message that seems to be resonating well with decision makers
and influencers. As shown in Figure Q11-12, 53 percent of the decision makers and influencers
surveyed for this report believe that email/message encryption is either “very important” or “critical”,
up substantially from 45 percent who had this view in 2015.
Figure Q11-12
Priority for Email/Message Encryption in the Technology Stack
2015 and 2016
Source: Osterman Research, Inc.
The importance of email/message encryption should not be underestimated. In a July 2016 survey of
information workers conducted by Osterman Research, we discovered that whether or not these
workers can encrypt email, 15 percent of the emails they send on a typical day contain sensitive or
confidential information that definitely should be encrypted, and another 17 percent of emails contain
information that would be encrypted because of their semi-sensitive/confidential nature. That means
that about one-third of the 30 emails sent by information workers on a typical workday should be
encrypted, but often are not. A failure to encrypt email can carry with it a number of serious
consequences, including loss of intellectual property, data breaches that violate regulatory obligations
to protect sensitive data, legal actions, revenue loss and other problems.
ORGANIZATIONS ARE DEVELOPING AN ENCRYPTION STRATEGY
As shown in Figure Q8-9, organizations are developing an encryption strategy and the proportion
doing so is ramping up quickly. In 2015, for example, about one-half of organizations had an
encryption strategy, but three-quarters of them do today.
Figure Q8-9
“Does your organization have an encryption strategy?”
2015 and 2016
Source: Osterman Research, Inc.
The fact that organizations are rapidly implementing encryption strategies is good news, since the
development of such a strategy is an essential best practice before organizations implement
encryption technologies. While deployment of an encryption solution in the absence of an encryption
strategy will provide some benefits, having the strategy in place first will yield substantially greater
benefits. If employees are trained on what should be encrypted if they are using manual solutions,
and if rules for what must be encrypted are established for policy-based encryption systems, an
organization will face much less risk and its information will be more protected if the strategy is in
place first.
EXTERNAL ENCRYPTION IS REQUIRED BY MOST ORGANIZATIONS
Not surprisingly, most organizations are focused on email/message encryption for external
communications. As shown in Figure Q18, more than three in five of the organizations surveyed
require encryption services for external communication, while nearly one-half require encryption for
mailbox-to-mailbox communications.
Figure Q18
Types of Encryption Services Required
Source: Osterman Research, Inc.
An important driver for encryption is communication with external parties: customers, prospects,
business partners and others for which communications must traverse the Internet, not just
corporate LANs or WANs that are under the complete control of an organization. However, as email
continues to move to the cloud, the proportion of “external” communication will continue to grow,
even when users sitting side-by-side are sending email to one another, thereby making encryption
critically important for virtually all communication that takes place in a corporate context.
MOST WILL USE ENCRYPTION TO EXTEND DATA PROTECTION
Data protection is an essential element in any organization’s information governance posture, and
encryption is a key technology that will enable organizations to more adequately protect sensitive and
confidential information. As shown in Figure Q10, more than two in five organizations plan to extend
data protection via the use of encryption technologies over the next year, while most of the
remaining organizations will be doing so after 2017. Only a small minority of organizations does not
see the need for extending data protection through encryption.
Figure Q10
Plans for Extending Data Protection Using Encryption
Source: Osterman Research, Inc.
Information security and privacy issues are closely related to the variety of regulatory obligations that
organizations face. Many governmental regulations have requirements for handling and retention of
certain types of information under the organization’s control. There are at least two types of sensitive
data that organizations should take pains to control and secure: employee/customer Personally
Identifiable Information (PII) and intellectual property.
Inadvertent release of a customer’s or employee’s social security number, bank account number,
health information or tax information can trigger lawsuits, massive costs, and penalties, as well as
negative publicity for the organization. Intellectual property represents potentially huge amounts of
investment by the organization. Leaks of intellectual property through theft or inadvertent disclosure
can cost an organization millions (or billions) of dollars, loss of market share, loss of shareholder
equity, and ongoing negative publicity. An Osterman Research survey has found that more than one-
third of organizations have experienced theft of sensitive or confidential information.
An important consideration for data protection in the European Union (EU), but impacting any
organization that does business in the EU, is the General Data Protection Regulation (GDPR). The
GDPR is a sweeping new regulation that will unify and strengthen personal data protection within the
EU. The goal of the GDPR is to enable citizens of the EU to have more control over their personal
data, as well as to simplify corporate data protection obligations by unifying the various regulations
that currently exist within the EU. The GDPR has already been adopted, but will take effect in May
2018. The GDPR affects any organization that processes the personal data of EU residents, regardless
of where in the world that organization might be located. The regulation has important implications
for a variety of technologies that organizations deploy – encryption being chief among them – as well
as how they collect, store, process, produce and delete information. Non-compliance with the
provisions of the GDPR carries with it fines of up to four percent of an organization’s annual revenue
or €20 million, whichever is higher.
REASONS FOR USING EMAIL/MESSAGE ENCRYPTION
As shown in Figure Q13, compliance with statutory regulations is the primary driver for the use of
email/message encryption among the organizations we surveyed, cited by more than one-half as an
“important” or “very important” driver. Following closely behind in importance as a driver for the use
of email/message encryption is management’s awareness of an increasing number of data breaches,
avoiding the cost of data breaches, and avoiding the negative publicity associated with such a
breach.
Figure Q13
Drivers for Using Email/Message Encryption
Percentage Responding an Important or Very Important Driver
Source: Osterman Research, Inc.
There is a wide range of drivers for organizations to implement email/message encryption. These
drivers will vary widely based on the industries in which an organization operates, the regulatory
climate it faces, the legal challenges it has experienced or anticipates, the risk tolerance of its senior
management, the geographies in which it operates and other factors. However, as shown above,
three of the top five drivers (and, arguably, four drivers) for implementing email/message encryption
are focused on addressing data breaches. Clearly, the increasing number of data breaches, the
problems they cause, and the ways in which encryption can help to significantly reduce the risk of a
data breach from happening is a message that decision makers and influencers are embracing.
ENCRYPTION IS NOT USED AS EXTENSIVELY AS IT SHOULD BE
Despite the importance of encryption and the benefits that it offers, only two in five organizations
report that encryption is used “extensively”, as shown in Figure Q14. While the definition of the term
“extensively” is open to debate, what is clear is that encryption is simply not being used as much as it
should be.
Figure Q14
“Is your organization using encryption extensively?”
Source: Osterman Research, Inc.
There are several reasons why encryption is not more widely deployed:
• Some older encryption solutions were difficult to use for both senders and recipients and were
more of an impediment to productivity than a benefit – clearly, that objection is still a common
one, as shown in Figure Q15. While newer encryption solutions are generally much easier to use,
many remember the difficulty of using older solutions and are hesitant to implement new ones.
• Because mobile platforms are an important consideration in any organization’s IT infrastructure,
some are resistant to use encryption because the experience on mobile devices can be difficult,
creating a roadblock for user productivity and resistance to use encryption solutions for mobile
users.
• Encryption can also be a problem for archiving and malware detection, since content that is
encrypted between users often cannot be inspected.
• Other reasons that are preventing wider adoption of encryption include lack of budget to
implement solutions, a lack of business use cases that would demonstrate the value of
encryption, performance issues (whether perceived or actual), and lack of features in some
encryption solutions, as shown in Figure Q15.
Figure Q15
Barriers that are Preventing More Extensive Use of Encryption
Source: Osterman Research, Inc.
WHERE SHOULD ENCRYPTION BE USED?
The decision makers and influencers surveyed for this report believe that encryption should be widely
deployed across a range of applications and for a variety of purposes, as shown in Figure Q16. These
include sensitive internal communications, noted by two-thirds of survey respondents, satisfying
compliance obligations, and communication with partners, among many other reasons.
Figure Q16
Types of Communication Considered to be Viable Options for Secure Digital
Communications
Source: Osterman Research, Inc.
Sending sensitive and confidential information internally is an essential application for encryption
given the problems that organizations can face if they send this type of information in clear text.
Even if messages are sent only internally in an unencrypted form with the full intent of being kept
behind the corporate firewall, there is a very good chance that this information will find its way onto
non-secure platforms, such as end users’ mobile devices or third party storage systems, such as
cloud-based file-sync-and-share systems. This can easily lead to data breaches and the variety of
problems that result from them.
WHAT ARE THE MOST IMPORTANT ENCRYPTION FEATURES?
Most decision makers and influencers consider a variety of features and functions to be important for
encryption solutions to support, but most important is a solution’s support for industry standards, its
ease-of-use for mobile users, and its support for automated, policy-based encryption, as shown in
Figure Q17.
Figure Q17
Importance of Various Encryption Solution Features
Percentage Responding Important or Very Important
Source: Osterman Research, Inc.
The use of smartphones and tablets is becoming an important issue for just about any IT
infrastructure-related decision because more and more employees are using mobile devices,
particularly their own. When IT departments evaluate encryption solutions, a key set of decision
criteria must, therefore, focus on how these solutions support users sending, receiving, encrypting
and decrypting messages on all of the mobile devices that are currently in use. A best practice is to
opt for an encryption solution that will not require the installation of plug-ins or additional software
given that there are several mobile operating systems in use and multiple versions of each.
For users employing a mobile device, encryption can be a trying experience. Typing a strong
password on a smartphone is error-prone and difficult, and the use of PINs is also difficult and
insecure because they are fairly easy to guess. However, PINs are generally preferable to passwords
because mobile devices autocorrect text, making their entry tedious and time-consuming (up to 30
seconds for a typical password).
MOST ENCRYPTION SOLUTIONS ARE INTEGRATED WITH DLP
We found that 45 percent of the organizations surveyed currently have a data loss prevention (DLP)
solution in place, as shown in Figure Q19. Moreover, among organizations that have a DLP solution,
59 percent have integrated their encryption solution with it, and for 63 percent of organizations, their
DLP solution provides encryption capabilities.
Figure Q19
“Does your organization have a DLP solution in place?”
Source: Osterman Research, Inc.
MOST HAVE DEPLOYED TWO-FACTOR AUTHENTICATION
The majority of organizations surveyed have deployed two-factor authentication, but in many of
these organizations it is deployed only for a minority of users, as shown in Figure Q3. Most of the
remaining organizations are in various stages of either considering or planning for the deployment of
two-factor authentication, but have not yet done so.
Figure Q3
Current Use of Two-Factor Authentication
Source: Osterman Research, Inc.
The vast majority of organizations that have deployed two-factor authentication have opted for the
use of tokens, but a significant proportion have instead or also deployed apps, perhaps to support
time-based one-time passwords, or they use email and/or SMS as the second factor. Only a tiny
minority of the organizations surveyed are using biometrics as part of a two-factor authentication
scheme.
Figure Q4
“If you have deployed two-factor authentication, which of the following are you using?”
Source: Osterman Research, Inc.
MOST ARE NOT YET USING MOBILE SINGLE SIGN-ON
Only about two in five organizations surveyed are using mobile single sign-on for their users, and in
many organizations that have implemented it, it’s not available to most users, as shown in Figure Q7.
However, most of the remaining organizations that are not yet using mobile single sign-on are at
least considering its use and many are planning to deploy it.
Figure Q7
Status of Mobile Single Sign-On
Source: Osterman Research, Inc.
Mobile single sign-on requires more consideration than traditional single sign-on in a desktop or
laptop environment for a couple of reasons. First, there is less control over mobile devices than there
is for other platforms because these devices are more easily lost or misplaced. Consequently,
authentication must be more robust so that passwords are not easy to guess, but this must be
balanced with ease-of-use because of the inherent difficulty of authentication on a mobile device.
Second, because a lost device or an employee’s personal device introduces the risk that an
unauthorized party may gain access to sensitive or confidential data assets, the use of risk-based
authentication makes even more sense on mobile devices to ensure that users are accessing data
only on a need-to-know basis.
ABOUT ECHOWORX
Echoworx is a recognized leader in secure digital communication. Our flagship solution, OneWorld
Enterprise Encryption, makes secure messaging easy and cost effective – designed to adapt to any
environment and to all forms of encryption. Enterprises investing in Echoworx’s OneWorld platform
are gaining an adaptive, fully flexible approach to encryption, creating seamless customer
experiences and in turn earning their loyalty and trust.
Visit us at www.echoworx.com.
© 2016 Osterman Research, Inc. All rights reserved.
No part of this document may be reproduced in any form by any means, nor may it be distributed without the
permission of Osterman Research, Inc., nor may it be resold or distributed by any entity other than Osterman
Research, Inc., without prior written authorization of Osterman Research, Inc.
Osterman Research, Inc. does not provide legal advice. Nothing in this document constitutes legal advice, nor
shall this document or any software product or other offering referenced herein serve as a substitute for the
reader’s compliance with any laws (including but not limited to any act, statute, regulation, rule, directive,
administrative order, executive order, etc. (collectively, “Laws”)) referenced in this document. If necessary, the
reader should consult with competent legal counsel regarding any Laws referenced herein. Osterman Research,
Inc. makes no representation or warranty regarding the completeness or accuracy of the information contained in
this document.
THIS DOCUMENT IS PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND. ALL EXPRESS OR IMPLIED
REPRESENTATIONS, CONDITIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, ARE DISCLAIMED, EXCEPT TO THE EXTENT
THAT SUCH DISCLAIMERS ARE DETERMINED TO BE ILLEGAL.

Online Trust Alliance Recommendations
 
Proactive Log Management in Insurance by Van Symons
Proactive Log Management in Insurance by Van SymonsProactive Log Management in Insurance by Van Symons
Proactive Log Management in Insurance by Van Symons
 
CompTIA 10th Security Study
CompTIA 10th Security StudyCompTIA 10th Security Study
CompTIA 10th Security Study
 
Protecting the brand—cyber-attacks and the reputation of the enterprise
Protecting the brand—cyber-attacks and the reputation of the enterprise Protecting the brand—cyber-attacks and the reputation of the enterprise
Protecting the brand—cyber-attacks and the reputation of the enterprise
 
HBR - Zurich - FERMAZ - PRIMO Cyber Risks Report
HBR - Zurich - FERMAZ - PRIMO Cyber Risks ReportHBR - Zurich - FERMAZ - PRIMO Cyber Risks Report
HBR - Zurich - FERMAZ - PRIMO Cyber Risks Report
 
Étude mondiale d'EY sur la cybersécurité (2018)
Étude mondiale d'EY sur la cybersécurité (2018)Étude mondiale d'EY sur la cybersécurité (2018)
Étude mondiale d'EY sur la cybersécurité (2018)
 
InformationSecurity_11141
InformationSecurity_11141InformationSecurity_11141
InformationSecurity_11141
 
State of Security McAfee Study
State of Security McAfee StudyState of Security McAfee Study
State of Security McAfee Study
 
Shariyaz abdeen data leakage prevention presentation
Shariyaz abdeen   data leakage prevention presentationShariyaz abdeen   data leakage prevention presentation
Shariyaz abdeen data leakage prevention presentation
 
Digital Trust - Tech Vision 2016 Trend 5
Digital Trust - Tech Vision 2016 Trend 5Digital Trust - Tech Vision 2016 Trend 5
Digital Trust - Tech Vision 2016 Trend 5
 
Digital Trust - Tech Vision 2016 Trend 5
Digital Trust - Tech Vision 2016 Trend 5Digital Trust - Tech Vision 2016 Trend 5
Digital Trust - Tech Vision 2016 Trend 5
 
It consumerisation presentation
It  consumerisation presentationIt  consumerisation presentation
It consumerisation presentation
 
It consumerisation presentation
It  consumerisation presentationIt  consumerisation presentation
It consumerisation presentation
 

More from Echoworx

10 Ways to Prevent Information Security Incidents
10 Ways to Prevent Information Security Incidents10 Ways to Prevent Information Security Incidents
10 Ways to Prevent Information Security IncidentsEchoworx
 
Getting Personal: The digital age is about people not technology!
Getting Personal: The digital age is about people not technology!Getting Personal: The digital age is about people not technology!
Getting Personal: The digital age is about people not technology!Echoworx
 
Migrating PGP to the Cloud
Migrating PGP to the CloudMigrating PGP to the Cloud
Migrating PGP to the CloudEchoworx
 
Embracing High Volume Digital Communications
Embracing High Volume Digital CommunicationsEmbracing High Volume Digital Communications
Embracing High Volume Digital CommunicationsEchoworx
 
Echoworx Encryption Delivery Methods
Echoworx Encryption Delivery MethodsEchoworx Encryption Delivery Methods
Echoworx Encryption Delivery MethodsEchoworx
 
Overcoming the Digital Commitment Gap!
Overcoming the Digital Commitment Gap!Overcoming the Digital Commitment Gap!
Overcoming the Digital Commitment Gap!Echoworx
 
Fraudsters Hackers & Thieves!
Fraudsters Hackers & Thieves!Fraudsters Hackers & Thieves!
Fraudsters Hackers & Thieves!Echoworx
 
The CypherWire - Encryption doesn't have to be cryptic
The CypherWire - Encryption doesn't have to be crypticThe CypherWire - Encryption doesn't have to be cryptic
The CypherWire - Encryption doesn't have to be crypticEchoworx
 
Evolution of the Email Encryption Market
Evolution of the Email Encryption MarketEvolution of the Email Encryption Market
Evolution of the Email Encryption MarketEchoworx
 

More from Echoworx (10)

10 Ways to Prevent Information Security Incidents
10 Ways to Prevent Information Security Incidents10 Ways to Prevent Information Security Incidents
10 Ways to Prevent Information Security Incidents
 
Getting Personal: The digital age is about people not technology!
Getting Personal: The digital age is about people not technology!Getting Personal: The digital age is about people not technology!
Getting Personal: The digital age is about people not technology!
 
Migrating PGP to the Cloud
Migrating PGP to the CloudMigrating PGP to the Cloud
Migrating PGP to the Cloud
 
Embracing High Volume Digital Communications
Embracing High Volume Digital CommunicationsEmbracing High Volume Digital Communications
Embracing High Volume Digital Communications
 
SAML 101
SAML 101SAML 101
SAML 101
 
Echoworx Encryption Delivery Methods
Echoworx Encryption Delivery MethodsEchoworx Encryption Delivery Methods
Echoworx Encryption Delivery Methods
 
Overcoming the Digital Commitment Gap!
Overcoming the Digital Commitment Gap!Overcoming the Digital Commitment Gap!
Overcoming the Digital Commitment Gap!
 
Fraudsters Hackers & Thieves!
Fraudsters Hackers & Thieves!Fraudsters Hackers & Thieves!
Fraudsters Hackers & Thieves!
 
The CypherWire - Encryption doesn't have to be cryptic
The CypherWire - Encryption doesn't have to be crypticThe CypherWire - Encryption doesn't have to be cryptic
The CypherWire - Encryption doesn't have to be cryptic
 
Evolution of the Email Encryption Market
Evolution of the Email Encryption MarketEvolution of the Email Encryption Market
Evolution of the Email Encryption Market
 

Recently uploaded

GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 

Recently uploaded (20)

GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 

Enterprise Encryption and Authentication Usage: Survey Report

SURVEY REPORT
Conducted by Osterman Research on behalf of Echoworx
Enterprise Encryption and Authentication Usage

©2016 Osterman Research, Inc.

EXECUTIVE SUMMARY
Osterman Research conducted a primary market research survey on behalf of Echoworx. The goal of the survey was to query encryption-focused decision makers and influencers in organizations of various sizes about their organizations’ plans for the deployment of encryption technologies, two-factor authentication and related issues. A total of 165 surveys were completed with the Osterman Research survey panel during September 2016.

KEY TAKEAWAYS
Here are the key points we discovered in the research:

• The priority for email/message encryption in the technology stack is growing for most organizations. Whereas email/message encryption was a “very important” or “critical” priority for 45 percent of organizations in 2015, that figure has increased to 53 percent in 2016. At the same time, those reporting that email/message encryption is “not important” have declined from 24 percent to 19 percent during the same period.

• However, email/message encryption is used “extensively” by only 40 percent of organizations, indicating there are still many opportunities left for expansion of the installed base of encryption-enabled users. To expand the market, vendors will need to overcome the perception that encryption asks too much of email recipients, that it is too difficult for senders to use, and that encryption solutions are too expensive, among other objections.

• The proportion of organizations that have an encryption strategy has increased dramatically over the past 12 months, from 51 percent of organizations in 2016 to 75 percent in 2016. That is good news for the adoption of encryption technologies, since the development of an encryption strategy generally precedes the deployment of technologies to address it.

• The primary focus of encryption continues to be external communications, but decision makers are realizing the value of encryption across a wide range of applications, including internal communication.

• The vast majority of organizations understand the important role of encryption as a means of satisfying their data protection obligations and for reducing corporate risk, such as the ability for the proper use of encryption to dramatically reduce the likelihood of a data breach. We found that more than three-quarters of the organizations surveyed have plans to extend their data protection capabilities using encryption.

• Most organizations view compliance and data breach prevention as the primary drivers for using email/message encryption. In fact, of the top five reasons to use email/message encryption, three (and, arguably, four) of the drivers are focused on addressing data breach-related issues. The impact of well-publicized data breaches, and the increasing frequency of their occurrence, has not been lost on decision makers.

• Decision makers are looking for an encryption solution to offer support for industry standards, ease-of-use for mobile users, and automatic encryption capabilities, among a variety of other features and functions. In the context of mobile email encryption, more than two-fifths of organizations would prefer to use packaged or built-in encryption capabilities while 11 percent would prefer custom apps, but one-third have no preference either way.

SURVEY FINDINGS

MOST ORGANIZATIONS TAKE ENCRYPTION SERIOUSLY
Encryption is an essential best practice in the context of email, file sharing and other communications modes in which sensitive or confidential business records are shared, both within and outside of an organization. Fortunately, that is a message that seems to be resonating well with decision makers and influencers.

As shown in Figure Q11-12, 53 percent of the decision makers and influencers surveyed for this report believe that email/message encryption is either “very important” or “critical”, up substantially from 45 percent who had this view in 2015.

Figure Q11-12: Priority for Email/Message Encryption in the Technology Stack, 2015 and 2016
Source: Osterman Research, Inc.

The importance of email/message encryption should not be underestimated. In a July 2016 survey of information workers conducted by Osterman Research, we discovered that whether or not these workers can encrypt email, 15 percent of the emails they send on a typical day contain sensitive or confidential information that definitely should be encrypted, and another 17 percent of emails contain information that would be encrypted because of their semi-sensitive/confidential nature. That means that about one-third of the 30 emails sent by information workers on a typical workday should be encrypted, but often are not.

A failure to encrypt email can carry with it a number of serious consequences, including loss of intellectual property, data breaches that violate regulatory obligations to protect sensitive data, legal actions, revenue loss and other problems.

ORGANIZATIONS ARE DEVELOPING AN ENCRYPTION STRATEGY
As shown in Figure Q8-9, organizations are developing an encryption strategy and the proportion doing so is ramping up quickly. In 2015, for example, about one-half of organizations had an encryption strategy, but three-quarters of them do today.

Figure Q8-9: “Does your organization have an encryption strategy?” 2015 and 2016
Source: Osterman Research, Inc.

The fact that organizations are rapidly implementing encryption strategies is good news, since the development of such a strategy is an essential best practice before organizations implement encryption technologies. While deployment of an encryption solution in the absence of an encryption strategy will provide some benefits, having the strategy in place first will yield substantially greater benefits. If employees are trained on what should be encrypted if they are using manual solutions, and if rules for what must be encrypted are established for policy-based encryption systems, an organization will face much less risk and its information will be more protected if the strategy is in place first.

EXTERNAL ENCRYPTION IS REQUIRED BY MOST ORGANIZATIONS
Not surprisingly, most organizations are focused on email/message encryption for external communications. As shown in Figure Q18, more than three in five of the organizations surveyed require encryption services for external communication, while nearly one-half require encryption for mailbox-to-mailbox communications.

Figure Q18: Types of Encryption Services Required
Source: Osterman Research, Inc.

An important driver for encryption is communication with external parties: customers, prospects, business partners and others for which communications must traverse the Internet, not just corporate LANs or WANs that are under the complete control of an organization. However, as email continues to move to the cloud, the proportion of “external” communication will continue to grow, even when users sitting side-by-side are sending email to one another, thereby making encryption critically important for virtually all communication that takes place in a corporate context.

MOST WILL USE ENCRYPTION TO EXTEND DATA PROTECTION
Data protection is an essential element in any organization’s information governance posture, and encryption is a key technology that will enable organizations to more adequately protect sensitive and confidential information. As shown in Figure Q10, more than two in five organizations plan to extend data protection via the use of encryption technologies over the next year, while most of the remaining organizations will be doing so after 2017. Only a small minority of organizations does not see the need for extending data protection through encryption.

Figure Q10: Plans for Extending Data Protection Using Encryption
Source: Osterman Research, Inc.

Information security and privacy issues are closely related to the variety of regulatory obligations that organizations face. Many governmental regulations have requirements for handling and retention of certain types of information under the organization’s control. There are at least two types of sensitive data that organizations should take pains to control and secure: employee/customer Personally Identifiable Information (PII) and intellectual property. Inadvertent release of a customer’s or employee’s social security number, bank account number, health information or tax information can trigger lawsuits, massive costs, and penalties, as well as negative publicity for the organization. Intellectual property represents potentially huge amounts of investment by the organization. Leaks of intellectual property through theft or inadvertent disclosure can cost an organization millions (or billions) of dollars, loss of market share, loss of shareholder equity, and ongoing negative publicity. An Osterman Research survey has found that more than one-third of organizations have experienced theft of sensitive or confidential information.

An important consideration for data protection in the European Union (EU), but impacting any organization that does business in the EU, is the General Data Protection Regulation (GDPR). The GDPR is a sweeping new regulation that will unify and strengthen personal data protection within the EU. The goal of the GDPR is to enable citizens of the EU to have more control over their personal data, as well as to simplify corporate data protection obligations by unifying the various regulations that currently exist within the EU. The GDPR has already been adopted, but will take effect in May 2018. The GDPR affects any organization that processes the personal data of EU residents, regardless of where in the world that organization might be located. The regulation has important implications for a variety of technologies that organizations deploy – encryption being chief among them – as well as how they collect, store, process, produce and delete information. Non-compliance with the provisions of the GDPR carries with it fines of up to four percent of an organization’s annual revenue or €20 million, whichever is higher.

REASONS FOR USING EMAIL/MESSAGE ENCRYPTION
As shown in Figure Q13, compliance with statutory regulations is the primary driver for the use of email/message encryption among the organizations we surveyed, cited by more than one-half as an “important” or “very important” driver. Following closely behind in importance as a driver for the use of email/message encryption is management’s awareness of an increasing number of data breaches, avoiding the cost of data breaches, and avoiding the negative publicity associated with such a breach.

Figure Q13: Drivers for Using Email/Message Encryption (Percentage Responding an Important or Very Important Driver)
Source: Osterman Research, Inc.

There is a wide range of drivers for organizations to implement email/message encryption. These drivers will vary widely based on the industries in which an organization operates, the regulatory climate it faces, the legal challenges it has experienced or anticipates, the risk tolerance of its senior management, the geographies in which it operates and other factors. However, as shown above, three of the top five drivers (and, arguably, four drivers) for implementing email/message encryption are focused on addressing data breaches.

Clearly, the increasing number of data breaches, the problems they cause, and the ways in which encryption can help to significantly reduce the risk of a data breach from happening is a message that decision makers and influencers are embracing.

ENCRYPTION IS NOT USED AS EXTENSIVELY AS IT SHOULD BE
Despite the importance of encryption and the benefits that it offers, only two in five organizations report that encryption is used “extensively”, as shown in Figure Q14. While the definition of the term “extensively” is open to debate, what is clear is that encryption is simply not being used as much as it should be.

Figure Q14: “Is your organization using encryption extensively?”
Source: Osterman Research, Inc.

There are several reasons why encryption is not more widely deployed:

• Some older encryption solutions were difficult to use for both senders and recipients and were more of an impediment to productivity than a benefit – clearly, that objection is still a common one, as shown in Figure Q15. While newer encryption solutions are generally much easier to use, many remember the difficulty of using older solutions and are hesitant to implement new ones.

• Because mobile platforms are an important consideration in any organization’s IT infrastructure, some are resistant to use encryption because the experience on mobile devices can be difficult, creating a roadblock for user productivity and resistance to use encryption solutions for mobile users.

• Encryption can also be a problem for archiving and malware detection, since content that is encrypted between users often cannot be inspected.

• Other reasons that are preventing wider adoption of encryption include lack of budget to implement solutions, a lack of business use cases that would demonstrate the value of encryption, performance issues (whether perceived or actual), and lack of features in some encryption solutions, as shown in Figure Q15.

Figure Q15: Barriers that are Preventing More Extensive Use of Encryption
Source: Osterman Research, Inc.

WHERE SHOULD ENCRYPTION BE USED?
The decision makers and influencers surveyed for this report believe that encryption should be widely deployed across a range of applications and for a variety of purposes, as shown in Figure Q16. These include sensitive internal communications, noted by two-thirds of survey respondents, satisfying compliance obligations, and communication with partners, among many other reasons.

Figure Q16: Types of Communication Considered to be Viable Options for Secure Digital Communications
Source: Osterman Research, Inc.

Sending sensitive and confidential information internally is an essential application for encryption given the problems that organizations can face if they send this type of information in clear text. Even if messages are sent only internally in an unencrypted form with the full intent of being kept behind the corporate firewall, there is a very good chance that this information will find its way onto non-secure platforms, such as end users’ mobile devices or third party storage systems, such as cloud-based file-sync-and-share systems. This can easily lead to data breaches and the variety of problems that result from them.
  • 11. WHAT ARE THE MOST IMPORTANT ENCRYPTION FEATURES?
    Most decision makers and influencers consider a variety of features and functions to be important for encryption solutions to support, but the most important are a solution’s support for industry standards, its ease-of-use for mobile users, and its support for automated, policy-based encryption, as shown in Figure Q17.
    Figure Q17 Importance of Various Encryption Solution Features (Percentage Responding Important or Very Important). Source: Osterman Research, Inc.
    The use of smartphones and tablets is becoming an important issue for just about any IT infrastructure-related decision because more and more employees are using mobile devices, particularly their own. When IT departments evaluate encryption solutions, a key set of decision criteria must, therefore, focus on how these solutions support users sending, receiving, encrypting and decrypting messages on all of the mobile devices that are currently in use. A best practice is to opt for an encryption solution that will not require the installation of plug-ins or additional software given that there are several mobile operating systems in use and multiple versions of each.
    For users employing a mobile device, encryption can be a trying experience. Typing a strong password on a smartphone is error-prone and difficult, and the use of PINs is also difficult and insecure because they are fairly easy to guess. However, PINs are generally preferable to passwords because mobile devices autocorrect text, making password entry tedious and time-consuming (up to 30 seconds for a typical password).
  • 12. MOST ENCRYPTION SOLUTIONS ARE INTEGRATED WITH DLP
    We found that 45 percent of the organizations surveyed currently have a data loss prevention (DLP) solution in place, as shown in Figure Q19. Moreover, among organizations that have a DLP solution, 59 percent have integrated their encryption solution with it, and for 63 percent of organizations, their DLP solution provides encryption capabilities.
    Figure Q19 “Does your organization have a DLP solution in place?” Source: Osterman Research, Inc.
  • 13. MOST HAVE DEPLOYED TWO-FACTOR AUTHENTICATION
    The majority of organizations surveyed have deployed two-factor authentication, but in many of these organizations it is deployed only for a minority of users, as shown in Figure Q3. Most of the remaining organizations are in various stages of either considering or planning for the deployment of two-factor authentication, but have not yet done so.
    Figure Q3 Current Use of Two-Factor Authentication. Source: Osterman Research, Inc.
    The vast majority of organizations that have deployed two-factor authentication have opted for the use of tokens, but a significant proportion have instead or additionally deployed apps, perhaps to support time-based one-time passwords, or they use email and/or SMS as the second factor. Only a tiny minority of the organizations surveyed are using biometrics as part of a two-factor authentication scheme.
  • 14. Figure Q4 “If you have deployed two-factor authentication, which of the following are you using?” Source: Osterman Research, Inc.
  • 15. MOST ARE NOT YET USING MOBILE SINGLE SIGN-ON
    Only about two in five organizations surveyed are using mobile single sign-on for their users, and in many organizations that have implemented it, it’s not available to most users, as shown in Figure Q7. However, most of the remaining organizations that are not yet using mobile single sign-on are at least considering its use and many are planning to deploy it.
    Figure Q7 Status of Mobile Single Sign-On. Source: Osterman Research, Inc.
    Mobile single sign-on requires more consideration than traditional single sign-on in a desktop or laptop environment for a couple of reasons. First, there is less control over mobile devices than there is for other platforms because these devices are more easily lost or misplaced. Consequently, authentication must be more robust so that passwords are not easy to guess, but this must be balanced with ease-of-use because of the inherent difficulty of authentication on a mobile device. Second, because a lost device or an employee’s personal device introduces the risk that an unauthorized party may gain access to sensitive or confidential data assets, the use of risk-based authentication makes even more sense on mobile devices to ensure that users are accessing data only on a need-to-know basis.
  • 16. ABOUT ECHOWORX
    Echoworx is a recognized leader in secure digital communication. Our flagship solution, OneWorld Enterprise Encryption, makes secure messaging easy and cost effective – designed to adapt to any environment and to all forms of encryption. Enterprises investing in Echoworx’s OneWorld platform are gaining an adaptive, fully flexible approach to encryption, creating seamless customer experiences and in turn earning their loyalty and trust. Visit us at www.echoworx.com.
    © 2016 Osterman Research, Inc. All rights reserved. No part of this document may be reproduced in any form by any means, nor may it be distributed without the permission of Osterman Research, Inc., nor may it be resold or distributed by any entity other than Osterman Research, Inc., without prior written authorization of Osterman Research, Inc.
    Osterman Research, Inc. does not provide legal advice. Nothing in this document constitutes legal advice, nor shall this document or any software product or other offering referenced herein serve as a substitute for the reader’s compliance with any laws (including but not limited to any act, statute, regulation, rule, directive, administrative order, executive order, etc. (collectively, “Laws”)) referenced in this document. If necessary, the reader should consult with competent legal counsel regarding any Laws referenced herein. Osterman Research, Inc. makes no representation or warranty regarding the completeness or accuracy of the information contained in this document.
    THIS DOCUMENT IS PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND. ALL EXPRESS OR IMPLIED REPRESENTATIONS, CONDITIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE DETERMINED TO BE ILLEGAL.