Information security insights and trends: Shred-it’s fourth annual Security Tracker
It’s that time of year again: the results of Shred-it’s fourth annual Security Tracker research study are out! This year we have surveyed over 1,000 businesses in the UK to see what companies of all sizes are doing – or not doing – to secure their data and protect their clients and employees from the threat of a security breach.
Cyber security is a big concern in 2014, especially following widely-publicised major breaches at eBay and Spotify, yet our results show that a third of SMEs (32%) have never disposed of redundant electronic devices containing confidential information, while a further 35% do it less than once a year. That means offices are stacking up on USB sticks, old hard drives and computers – despite these high-profile security breaches at major firms based in the UK!
Shockingly, more than half (51%) of SMEs surveyed haven’t implemented a cyber-security policy in their business. This is worrying as fraudsters often use electronically-stored confidential and sensitive data to fuel their criminal activities and having no policy in place for employees to follow could be putting businesses at greater risk!
While SMEs are starting to realise that a data breach would have some impact on their business, fewer than half (46%) could correctly identify the potential financial penalty for breaching the Data Protection Act. Surprising you might think, given that the Information Commissioner’s Office can fine companies up to half a million pounds! Yes you read that right – enough to have a serious (potentially terminal?) impact on any business.
With a fifth of respondents also believing they possess no documents that would cause their business harm if stolen, it seems a little myth-busting is required on what qualifies as sensitive information. Everything from employee records to client invoices are confidential and if found could be used to commit fraud or other activities detrimental to your business. It’s important you review and identify where confidential information exists in your business and securely dispose of it when it’s no longer needed. Our research found that many employees have waste paper or recycling bins at their work stations (79% of SMEs and 86% of large firms said so) but it’s worth remembering that anyone can sift through an open waste or recycling bin, so if confidential information ends up there it could be putting companies at risk of a breach.
Shred-it has been tracking business information security progress through our annual Security Tracker since 2011 as part of our commitment to educating both businesses and consumers on the prevention of fraud and identity theft. Our detailed research provides context on this important and increasingly high-profile issue. We are also able to identify any year-over-year changes in protocols and perceptions surrounding information security and use this to help guide businesses on what they need to do in order to safeguard their confidential information.
Check out this year’s report findings here and follow us on Twitter @Shredit_UK #SecurityTracker. We will also be sharing the top four things we have learnt in the last four years of the Security Tracker survey so keep an eye on our feed!