EU Data Protection Directive: Staff support stronger regulation

With the EU's new Data Privacy Act expected to reach final agreement in 2015, research from Sophos has revealed the level of concern across Europe over data protection and security.

The report found that 84 per cent of respondents believe that stronger data protection laws are needed, but 77 per cent were not confident that their organisation complied with existing legislation.

Read more: Cloud providers are woefully unprepared for incoming EU data protection regulations

The survey, which was conducted by Vanson Bourne, gathered responses from more than 1,500 consumer and office workers across the UK, France and Germany. Those surveyed expressed concerns regarding both corporate and personal data, with research revealing that just 59 per cent have anti-virus software in place.

The report also highlighted how security concerns have changed as more companies incorporate modern technology into their day-to-day business. The surge in smartphone adoption and increased laptop use means that mobile devices often carry sensitive information. The report suggests that more needs to be done to educate staff on protecting mobile data, as only 31 per cent of respondents knew if their company phone was encrypted or not.

Gerhard Eschelbeck, chief technical officer at Sophos said organisations were taking a huge risk by neglecting their data protection policies.

"It's clear from this research that despite the majority of end-users understanding the importance of information and the need to safeguard it, they are still prepared to ignore the dangers to make their lives easier," he said.

The rise of cloud platforms and shared data also poses a security risk with 66 per cent of staff not always checking if their information is safe to share.

Altogether, the research suggests that the EU's new legislation is long overdue, but according to Eschelbeck companies need to take responsibility themselves to secure their data.

Read more: ICO slaps UK big data firms with fresh data protection guidelines

"If we are to beat cybercrime, organisations need to ensure that the right policies are in place," he said, "not only to safeguard business critical information but also meet the needs of the employees."