Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Survey finds low use of Microsoft encryption technology

If installed, Microsoft's BitLocker hard-drive encryption is actively used under 2 per cent of the time

Microsoft's full-disk encryption feature is not being widely used, even where it is part of the Windows operating system, according to a new survey released by security vendor Opswat.

Microsoft added its BitLocker hard-disk encryption feature to the "ultimate" and "enterprise" versions of its Windows Vista and Windows 7 operating systems, in response to greater concern over data losses and breaches. It is also present in Windows Server 2008 and Windows Server 2008 R2.

Security companies have also taken an interest in full hard-disk encryption by making acquisitions, including Symantec's purchase of PGP and GuardianEdge, Sophos' purchase of Utimaco and McAfee's acquisition of SafeBoot.

Opswat conducted its survey by analyzing 35,000 reports from the 50 million network endpoints on which it manages applications using its OESIS software framework. It verifies the compatibility of security applications with other applications such as SSL (Secure Sockets Layer) VPN and network access control technologies.

But it appears from Opswat's data that despite having full disk encryption technology, few organizations are actually using it.

"Our findings show that end-user adoption of hard-disk encryption technologies aren't nearly as widespread as the use of antivirus, antispyware and firewall products," Opswat said. "Even when these hard-disk encryption features are included as a feature in the Windows OS, they remain unused for the most part."

Of the 35,000 reports, nearly 90 per cent of those computers were not using any hard-disk encryption products. A little over 8 per cent of those machines had BitLocker installed, with a little more than 2 per cent having some other encryption product.

Of those machines with BitLocker installed, the application was actively encrypting on only 1.47 per cent of the computers, Opswat found. BitLocker was not used on 98.53 per cent of the machines it is installed on.

"BitLocker, like the disk encryption product category itself, is not finding widespread adoption," according to the report. "Preliminary analysis suggests that mobile computer users (laptops, notebooks) have a higher percentage of BitLocker usage than average."

Microsoft says BitLocker generally reduces performance by under 10 per cent on computers running Windows 7 as well as on Windows Vista.

The top five hard-disk encryption products detected by Opswat in the survey were TrueCrypt, a free open-source product; DigitalPersona; Sophos' Utimaco; Microsoft's BitLocker and Symantec's PGP and GuardianEdge.

Opswat warned, however, that its data is limited to those encryption applications that have been added to its OESIS Framework libraries, and that other disk encryption application vendors can partner with Opswat to be added.

Send news tips and comments to jeremy_kirk@idg.com

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: DigitalPersona, etwork, GuardianEdge, McAfee, Microsoft, Persona, PGP, Sophos, Symantec, Utimaco, Utimaco
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: data breach, data protection, encryption, Opswat, security
Latest Blog Posts
Whitepapers
  • Simplifying branch office security
    Securing your business network is more important than ever. Malware, botnets and other malicious programs threaten your network—at your central offices and your branch offices alike. Yet enforcing consistent network security throughout your enterprise can be challenging—especially for those of you with branch offices with few users and no IT expertise. This paper introduces a new standard—an innovative, unified, cost-effective solution for managing branch office security, with centralised reporting and a clear process for determining return on investment (ROI).
    Learn more »
  • Seven Tips for Securing Mobile Workers
    Seven Tips for Securing Mobile Workers is intended to offer practical guidance on dealing with one of the fastest growing threats to the security of sensitive and confidential information.
    Learn more »
  • Gartner MarketScope for Application Life Cycle Management
    Organisations adopting agile practices, utilising global and distributed teams, or exploiting complex processes and technologies are most likely to benefit from using ALM tools to plan, manage and report on their development activities. This MarketScope assesses the market offerings and their providers.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments