August 26, 2011
Half of small firms in the UK still believe that the impact of data loss and theft of information from their organisation would have no impact on their business, according to a recent survey.
The survey of 1,000 UK businesses found that more than two thirds of UK small or medium-sized enterprises (SMEs) either never train their employees on company information security procedures and protocols (30%), or do so only on an ad hoc basis (38%).
The results come after last year’s enhancement of the powers of the Information Commissioner’s Office (ICO), to be able to fine organisations up to £500,000 for serious breaches of the Data Protection Act. A total of only 4% of companies reported actively changing their information management procedures as a consequence of the changes, while surprisingly 58% of businesses said that they were not aware of the enhanced powers.
The chief executive of the Forum of Private Business, Phil Orford, said: “It’s time companies got wise to the seriousness of data theft and the importance of protecting their information. Quite apart from the implications for the commercial viability of a business, failing to secure data properly could lead to a potentially huge fine.”
The survey also showed that 22% of firms classified themselves as either ‘not at all aware ’or ‘not very aware’ of their legal responsibility to keep secure confidential information relating to staff and customers.
When you read reports like this it makes me wonder how much of your own personal information, your company information or indeed sensitive customer data is floating around that anyone can get hold of. In terms of protecting your business from the impact of data loss and theft, secure data destruction of hard drives and the information that they contain whether of site or onsite is absolutely critical in protecting data of individuals and companies.