Barely a quarter of companies have an effective system in place to stop data leaks via e-mail, according to a new IDC survey of US businesses.

The survey found that 72% of firms are unable to prevent data leaving the company, despite 85% of IT managers saying they are very concerned about the matter. "Organisations need to increase their efforts in combating e-mail security risks," said Brian Burke, programme director of security products at IDC.

"While organisations have expressed concern about inbound and outbound e-mail security, their current solutions are not getting the job done. Such organisations need to take advantage of new solutions and delivery models."

Accidental data leakage is increasingly the biggest threat, rather than attacks by hackers or malicious employees. IDC estimates that up to 90% of data loss occurs accidentally.

In addition to failing to protect outgoing mail, firms are neglecting security on incoming threats because, the survey found,firms rely on outdated technology.

Nearly nine out of 10 did not have an effective anti-spam protection system set up, and 40% did not have systems in place that could stop 95% of spam. Minimising spam is still a serious issue, since so much of it often contains malware, or links to sites hosting malware.

"Organisations are not doing enough to stay safe," said Atri Chatterjee, senior vice president of Secure Computing, which sponsored the survey.

"Unfortunately they are depending on last-generation solutions from multiple vendors to fight organised cyber criminals. Even in today's challenging economic times, the study shows that executives recognise the importance of e-mail security and that organisations are willing to invest in new solutions."