NEWS
Only a quarter of UK businesses encrypt emails, leaving the rest open for anyone to read as they travel over the internet, research has found.
Sending an unencrypted email is similar to sending a postcard through the postal system. It can be read by anyone who has the ability to intercept it.
According to a PricewaterhouseCoopers (PWC) survey, businesses are failing to invest in technology to encrypt emails, though companies report relatively few incidents of data interception.
Chris Potter, information assurance partner at PWC, told silicon.com: "If emails are intercepted, they can be read. The number of interceptions on the internet is relatively low but we have seen a rise in the number of companies experiencing data interception. There is probably a greater need to encrypt than before."
Potter said encryption technologies are still too expensive for most companies to buy.
He added: "It's a cost and administration burden. It's quite awkward for businesses to communicate with their partners. You would think there is a better solution. Past technologies have been tarnished with big costs and too few business benefits."
The survey of 1,000 companies found 88 per cent of business internet connections are over broadband, which means companies effectively share bandwidth with others to reduce the cost of hiring data lines.
The survey was sponsored by the Department of Trade and Industry.
Comments
There are 4 comments. Join the discussion
1. Gareth Evans
Just how easy is it to intercept a piece of email as it flies around the Internet along with several billion others every day ? More importantly how easy is it to intercept mail from or too specific senders or recipients ? It's all about risk. Aren't company systems easier to crack than intercepting emails ? The bad guys will always take the route of least resistance - so they'll attack your infrastructure, use social conditioning etc etc before going after your email.
BTW does it make any difference whatsoever that you might be using a Broadband connection with a 10:1 contention ratio ? How do the bad guys get to be one of the other 9 ?
Poor quality article I think.
2. Simon
I'm inclided to agree with Gareth, the risks are somewhat overstated. The contention on broadband is a complete red herring - just because there's contention doesn't mean the others are able to see your data.
Especially if the business sets up it's servers to deliver direct, rather than via an outbound proxy, then the emails might never actually reside on any server between source and destination, so they would have to be intercetped at the packet level. Doing that, reliably, and patching the bits back into something useable is a far from trivial task - far, far, far easier to simply nick the FDs laptop and read all the files, unencrypted, on it !
3. anonymous
Email encryption is important, not because of the risk of interception enroute, but more because of wrongly addressed email.
About 3 year's ago I was typosquatting on a synonym web address of one of the main ISP's. Nothing aggressive, and there was a redirect to the main site after 5 seconds. However one of the company executives mistyped an email address and inadvertently sent me several documents giving full details of a merger that they were planning with another national ISP. Those documents were unencrypted and easily accessible. Fortunately for the organisation concerned I "returned" the documents and told them that they had a problem. I subsequently sold them the domain name for £100.
If I had been uncharitable it could have been extremely costly and embarassing to them.
4.
hmmm...mb its true ,