IT professionals are fixated on perimeter security measures such as firewalls, antivirus protection and content filtering, and are ignoring more important security considerations, suggest the findings of a Gemalto-commissioned survey.

Polling a little over a thousand IT professionals around the world, the survey found that 76 percent had reported that their companies had increased investments in perimeter security, yet 68 percent said that they thought unauthorized users could still gain access to their networks.

Thirty-two percent of the respondents said their organizations don’t encrypt payment data, and 35 percent said they don’t encrypt user data in general. Fifty-five percent said they didn’t know where such data is stored.

The responses paint a dismal portrait of the state of enterprise security at a time when the protection of sensitive data is an increasingly key concern. Just this week, a provider of smart vending machines reported that it had suffered a data breach compromising customer data including biometric credentials.

Meanwhile, the European Union’s General Data Protection Regulation will come into effect next May, with 53 percent of respondents in the Gemalto survey saying that they don’t think their organizations will be compliant in time. That could prove costly for the businesses and, in the event of hack attacks, their customers.

Source: MobileID World