Companies ignore identity theft risk

Only 1% of UK companies are implementing all the safeguards available to them
to manage and control access for the right users to their systems, a survey
conducted by PricewaterhouseCoopers for the Department of Trade & Industry
has found.

Such measures are aimed at reducing the risk of crimes such as electronic
identity theft.

Of the small number who did implement all the necessary safeguards, none
reported a single identity-related security incident.

While there was no major increase in identity management related incidents
since 2004 when the survey was last carried out, when it did occur, it tended to
have a worse impact than any other type of security breach resulting in
reputation damage, adverse media coverage and cost of remediation.

The survey also found that compliance with laws and regulations had become
the key driver for managing and controlling systems access, taking over from
reducing cost of user access management and enabling new ventures over the

Andrew Beard, the director from PwC leading the survey, said, ‘Too many
companies are still relying on single factor authentication techniques such as
user ID and passwords. More companies need to follow the lead of the few larger
businesses which are using stronger methods to authenticate their users.’

Related reading

Life Belt with Computer Folders
HMRC banknotes