Companies are not embracing encryption as a way to protect sensitive data.
According to Ponemon Institute’s 2005 National
Encryption Survey, only 4.2% of companies responding to our survey say
their organizations have an enterprisewide encryption plan.
However, the study also reveals that encryption
is viewed by many as an important security tool that enhances the IT
professionals’ overall sense of trust or comfort in data-protection
efforts. The primary reasons cited for not encrypting sensitive or
confidential information were concern about system performance (69%),
complexity (44%) and cost (25%). (See “Securing Card Data Isn’t An Easy Sell.”)