Nearly a quarter of UK law firms have admitted to losing confidential data, according to a recent survey by Credant Technologies.

The data protection firm's survey of 100 law firms across the country found 24 per cent of respondents admitted to misplacing at least one mobile device containing confidential documents, putting case notes, contracts and client details at risk.

Just 13 per cent of those who said they had lost a device believed the data was protected as the device was secured and the information encrypted. On the other hand, almost four out of 10 (37 per cent) of the lawyers surveyed believed that if they did lose their mobile device the data would be easily accessible to a hacker.

While a third of respondents said they encrypt their data now, over 90 per cent believe a password alone is sufficient to protect the data. However, according to ex-hacker turned IT security consultant Robert Schifreen passwords are not up to the job of protecting sensitive information on a mobile device.

"You can download cracking software from Google that can break the average password in less than 30 minutes," he said. "These findings show just how naive the legal profession is when it comes to data security and I suspect other professions are just as bad, if not worse. The only answer is, if you store sensitive data you must encrypt it."

The study found that one of the biggest security gaps stemmed from the fact that one in five lawyers use their own personal mobile phones, notebooks and USB drives to store client and corporate information.

"It's worrying to note that so many unprotected devices have gone missing over the past few years, but personally I'm more concerned by how many personal mobile devices are being used by lawyers that clearly bypass any security procedures set up by the legal firm," said Michael Callahan, vice president of Global Marketing at Credant.

"This creates an uncontrollable environment for the IT security staff as they simply can't keep track of which devices they've secured and which they haven't. "

Callahan recommended that all organisations "implement a data protection policy that ensures all handheld, laptop and removable media are encrypted, managed and controlled centrally, which then enables the IT guys to be able to suspend access to the information if it is misplaced or stolen".

Permalink  Comments  Forward  Print
digg   del.icio.us   reddit!

related content
RSA conference logo
Enterprise Security Technology
BulletLegislators under fire over heavy-handed security rules
Firms being forced to spend unnecessarily on perceived IT security risks, say experts at RSA show  27 Oct 2008
EU flags
Privacy & Data
BulletEuropean data breach laws could land in 2011
European data protection supervisor backs call for law to apply to all information service providers  27 Oct 2008
Internal Revenue Service
Privacy & Data
BulletIRS slammed over lax security
Systems deployed with known holes, says government audit  18 Oct 2008
MoD building
Privacy & Data
BulletLatest data breach leads MPs to demand culture change
MoD admits to losing a hard drive containing up to 100,000 army records  10 Oct 2008
Hacker
Hacking
BulletCorporate data loss not down to hackers
Three-quarters of incidents caused by negligent or malicious staff  10 Oct 2008
Smartphone
Privacy & Data
BulletUnsecured mobiles leaving owners open to ID theft
Passwords or encryption vital for protecting information  18 Mar 2009
yahoo mail beta
Hacking
BulletYahoo Mail users warned of brute force attacks
New reports suggest back-end web application to blame for two-year-old vulnerability  19 Sep 2009
Minister for women and equality Harriet Harman (Fiona Hanson/PA Wire)
Practice Management
BulletProfession under fire over gender pay gap
The financial sector is a breeding ground for gender discrimination  11 Mar 2010
A silhouetted cowboy on horseback
IT Services & Outsourcing
BulletSMEs burnt by poor MSPs
Survey from The Internet Group finds over 90 per cent of small firms are endangered by lax management from IT specialists  02 Apr 2009
Conficker worm illustration
Hacking and Cyber-crime
BulletSymantec report shows huge growth in malware
Cyber criminals increasingly targeting consumers' confidential data  14 Apr 2009
latest news
Warehouse
Procurement
BulletGreen procurement set to become the norm
Experts reveal public and private sector procurement professionals are increasingly willing to demand suppliers fall into line with green best practices  16 Mar 2010
Solar roof
Incentives
BulletLabour to make energy co-operatives plan a key manifesto pledge
Community projects designed to accelerate the rollout of onsite renewables and energy efficiency makeovers  16 Mar 2010
Oyster wave generator
Renewables
BulletGovernment to wave in new era of British marine energy
Lord Hunt releases Marine Action Plan ahead of anticipated announcement of around 700MW of new wave and tidal energy projects  15 Mar 2010
Click here for more More news
latest in-depth
River
Analysis
BulletBusinessGreen.com Most Read - March 12 2010
From hydropower hot spots to record-breaking Texan winds, we run down the top stories from the past week  12 Mar 2010
Blog Posting
BulletBusinesses must stop whinging and tackle the green skills crisis head on
Few debates cast the UK's business and political community in such an unedifying light as the never-ending row over skills....  12 Mar 2010
Offshore wind farm
Comment
BulletWhy Europe needs an electricity Supergrid
Christian Kjaer, chief executive of the European Wind Energy Association, argues that a supergrid is essential to EU efforts to cut carbon emissions  11 Mar 2010
Click here for more More in-depth
what do you think?
Click here for more Post your comment
Click here for more Send an email to the Business Green editor at feedback@businessgreen.com
Reader comments for this story
Post your comment Post your comment   What is this?