Local councils are failing to take adequate measures to protect data, according to new research which claims that just one in 10 encrypts all their computer data.
The survey of IT and security managers at 60 local councils and police authorities found that data on "some computers carrying sensitive material" was encrypted by 45 percent of respondents, with only 10 percent saying data on all machines was encrypted.
More than four in 10 respondents - 43 percent - confirmed that no data was encrypted by their organisation.
But 38 percent of respondents said their organisation had been faced with an incident in which a laptop computer was lost or stolen during the past year - including one of the six police authorities in the survey carried out by security vendor BeCrypt.
Three in 10 of those surveyed also reported that they had no procedures regarding use of USB devices - a common cause of data security problems. Just 2 percent of organisations had imposed a total ban on USB devices, while 38 percent allowed limited use and implemented port control security.
The survey also highlighted a lack of disaster recovery planning. Only 8 percent of those surveyed said they had a full disaster recovery plan with facilities for secure mobile working and an alternative site to use in case of a major problem such as a flu pandemic or public transport collapse that prevented staff getting to the office.
More than four in 10 respondents said they had "few plans" but that data was backed up, while 20 percent said staff would have to work from home using their laptops and 23 percent said an alternative site "would be set up".
Richard Brooks, BeCrypt's director of sales, said: "The use of laptops, USB devices and other removable media are posing an increasing risk to data security. The survey highlights that 30 percent of councils have no policy regarding the use of USB devices and the inadvertent or malicious threat of data leakage."