Only 1% of UK companies are implementing all the safeguards available to them to manage and control access for the right users to their systems, a survey conducted by PricewaterhouseCoopers for the Department of Trade & Industry has found.

Such measures are aimed at reducing the risk of crimes such as electronic identity theft.

Of the small number who did implement all the necessary safeguards, none reported a single identity-related security incident.

While there was no major increase in identity management related incidents since 2004 when the survey was last carried out, when it did occur, it tended to have a worse impact than any other type of security breach resulting in reputation damage, adverse media coverage and cost of remediation.

The survey also found that compliance with laws and regulations had become the key driver for managing and controlling systems access, taking over from reducing cost of user access management and enabling new ventures over the internet.

Andrew Beard, the director from PwC leading the survey, said, ‘Too many companies are still relying on single factor authentication techniques such as user ID and passwords. More companies need to follow the lead of the few larger businesses which are using stronger methods to authenticate their users.’