Nearly two-thirds of British organisations do not use any specific products to help reduce data loss.

According to a survey from Ouocirca and CA, 64 percent of UK organisations are failing to use Data Loss Prevention (DLP) products ranking the UK behind France, Ireland, and Italy.

However, according to the survey, You sent what? Linking identity and data loss prevention to avoid damage to brand, reputation, and competitiveness, 90 per cent of the organisations that have deployed DLP are confident that there are well prepared to protect IP and personal data.

Part of the difficulties facing companies is that there's no starting point for the data that needs to be protected. "There are big discrepancies between industries," said Quocirca director Bob Tarzey, "particularly related to the way that they perceive what data needs to be protected. For example, Finance is particularly interested in recognising personally identifiable data, while manufacturing companies are interested in securing intellectual property."

Tarzey said that organisations should have a "compliance vision" in place. "Our survey showed that many organisations struggled with compliance." He added that while governments and industries had put various compliance regimes in place.

According to the report, organisations should be moving to a compliance-oriented architecture (COA to help would help alleviate the problem of data loss and misuse.

As you might expect from a report commissioned by a vendor of compliance products this would entail organisations employing DLP products to help locate and classify data. But Tarzey said that technology will only go so far. "The starting point must always be to begin with a clear policy and that is communicated to employees. Organisations have to ensure that the people entrusted in handling data, are people who have a legitimate right to do so. The technology can help with the process and improve behavioural practice but it's enough in itself."

There are further issues to deal with, said Tarzey. "Mobile, cloud computing and virtualisation will throw up new challenges for organisations in the future.