View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
December 12, 2011

IT staff have better access to sensitive data than CEOs: survey

Fears over lost encryption keys are holding back adoption of the tech, Venafi says

By Steve Evans

Do you really know who has access to your sensitive company data? A new survey from Venafi suggests that many workers believe it is the IT department that can most easily access a company’s most valuable information, ahead of C-level executives.

The survey of over 500 IT professionals found that 65% believe it is the IT department that has the easiest access, way ahead of the CEO on 30%. Management (8%), HR (7%) and legal (5%) were also on the list.

The survey also shone a light on just how reliant some companies are on a small number of people to access their all-important data. If the person in charge of managing an organisation’s encryption keys were to leave, 23% said they would worry about whether they would be able to access and decrypt the data.

This follows on from a previous Venafi survey which revealed that 40% of IT admins admitted they’d be able to hold a company to ransom by withholding or hiding encryption keys. "Could" is of course very different to "would" but the possibility is there, and that should be enough to worry many businesses.

What may be more worrying for the security industry – and specifically those vendors that deal with encryption – is that 24% of respondents said they were holding back on using encryption technology because of fears over losing encryption keys.

"Encryption management has become a big issue for companies worldwide," said Jeff Hudson, Venafi CEO. "Encryption is the last line of defence in protecting data against loss or compromise. Companies are finding out how important encryption is when they have experienced a huge data breach because they weren’t using encryption."

"Then they find out that when they deploy encryption they have another big problem and that is managing the encryption keys," Hudson added. "Encryption is only half the solution – you need to know where the keys are and they find that the only way to manage the keys is with an automated certificate and key management system. Once the data’s protected with encryption, the key becomes the data and the thing that must be managed and protected."

Content from our partners
<strong>Powering AI’s potential: turning promise into reality</strong>
Powering AI’s potential: turning promise into reality
Unlocking growth through hybrid cloud: 5 key takeaways
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline
How businesses can safeguard themselves on the cyber frontline

Websites in our network
The New Statesman Press Gazette Spears World of Fine wine Elite Traveler Leadmonitor
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU