Microsoft's full-disk encryption feature is not being widely used, even where it is part of the Windows operating system, according to a new survey released by security vendor Opswat.
Microsoft added its BitLocker hard-disk encryption feature to the "ultimate" and "enterprise" versions of its Windows Vista and Windows 7 operating systems, in response to greater concern over data losses and breaches. It is also present in Windows Server 2008 and Windows Server 2008 R2.
Security companies have also taken an interest in full hard-disk encryption by making acquisitions, including Symantec's purchase of PGP and GuardianEdge, Sophos' purchase of Utimaco and McAfee's acquisition of SafeBoot.
Opswat conducted its survey by analyzing 35,000 reports from the 50 million network endpoints on which it manages applications using its OESIS software framework. It verifies the compatibility of security applications with other applications such as SSL (Secure Sockets Layer) VPN and network access control technologies.
But it appears from Opswat's data that despite having full disk encryption technology, few organizations are actually using it.
"Our findings show that end-user adoption of hard-disk encryption technologies aren't nearly as widespread as the use of antivirus, antispyware and firewall products," Opswat said. "Even when these hard-disk encryption features are included as a feature in the Windows OS, they remain unused for the most part."
Of the 35,000 reports, nearly 90 per cent of those computers were not using any hard-disk encryption products. A little over 8 per cent of those machines had BitLocker installed, with a little more than 2 per cent having some other encryption product.
Of those machines with BitLocker installed, the application was actively encrypting on only 1.47 per cent of the computers, Opswat found. BitLocker was not used on 98.53 per cent of the machines it is installed on.
"BitLocker, like the disk encryption product category itself, is not finding widespread adoption," according to the report. "Preliminary analysis suggests that mobile computer users (laptops, notebooks) have a higher percentage of BitLocker usage than average."
The top five hard-disk encryption products detected by Opswat in the survey were TrueCrypt, a free open-source product; DigitalPersona; Sophos' Utimaco; Microsoft's BitLocker and Symantec's PGP and GuardianEdge.
Opswat warned, however, that its data is limited to those encryption applications that have been added to its OESIS Framework libraries, and that other disk encryption application vendors can partner with Opswat to be added.
Send news tips and comments to firstname.lastname@example.org
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.