Many Small Businesses at High Risk For Information SecurityThu 23 Jun, 2011 // Chris Allan
A recent report has revealed that small businesses are particularly relaxed when it comes to information security, with an estimated 50 per cent risking significant data loss in the workplace.
The report, commissioned by on-site document destruction company, Shred-it, uncovered the staggering figures, despite recent enhancements in the realm of data security procedures for businesses.
In April 2010, the Information Commissioner's Office (ICO) gained powers to fine companies up to £500,000 for serious breaches of the Data Protection Act. However, despite intentions to implement stronger data security in businesses, the development influenced just 4 per cent of surveyed companies to change their policies on information security. 58 per cent of respondents revealed they weren't even aware of the ICO's updated guidelines.
In light of survey results, Shred-it's Executive Vice President, Robert Guice, said: "Ignorance is no defence in the eyes of the law and UK businesses need to wake up quickly to the fact that failures to store and dispose of confidential information in a secure manner could have far-reaching and potentially financially damaging impacts upon their operations."
Mr. Guice added, "As a company owner or manger, understanding your legal obligations in view of the Data Protection Act, and developing policies and procedures to comply with them in a consistent and reliable manner is absolutely essential."
However, hefty misconceptions also played a massive role in the report's findings: the survey showed that an estimated 50 per cent of small businesses in the UK believe that the loss or theft of data from their organisation would have no impact on their company – meaning half of UK small business owners are disregarding risks of data security and data loss.
In response to the findings, Chief executive of the Forum of Private Business, Phil Orford, said: "It’s time companies got wise to the seriousness of data theft and the importance of protecting their information. Quite apart from the implications for the commercial viability of a business, failing to secure data properly could lead to a potentially huge fine."
He added, ‘It might be tempting to push issues like this under the carpet, but that would be a grave mistake."
“We have been pleased to work with commissum who have provided us with services to address our Security Assurance requirements. commissum met our demands, as an organisation operating within the Legal Services sector, with the highest level of integrity, commitment and excellent level of service. We would have no hesitation in recommending commissum.”
Mr Kenneth P, IT Manager, National Legal Services
"commissum recently provided us with services to assess a web application and supporting infrastructure. I was impressed with the consultants throughout the project, by their technical knowledge, flexibility, open communication and willingness to go that extra mile. Of particular benefit was the sound advice given both during and after the engagement. By identifying vulnerabilities promptly, accompanied with practical recommendations on how to address them. We were able to implement improvements quickly. Good value, a job well done.”
JM, Infosec Analyst, International Investment Bank
"We engaged with commissum for the first time this year and found them highly professional and a pleasure to do business with. We were particularly pleased with the report provided which was of excellent quality, with an appropriate level of detail and clarity in its recommendations. I would happily refer others to commissum.”
Mr Billy K, IT Director, National Law Firm
"We are extremely pleased with the work carried out by the commissum team. All of the commissum staff were a pleasure to work with and maintained a high level of professionalism at all times. They were able to provide us with sound advice and guidance to make sure that we got the best value for money from our test and provided excellent communication and recommendations before, during and after the tests. I would strongly recommend commissum to other companies that are looking for peace of mind in relation to their IT security and I can say that we will use commissum again for future testing.”
Chris S, IT Officer - UK Housing Association
"commissum understood exactly what we needed and delivered excellent service on time, and on budget. Why can't all companies be like them!"
Mr Duncan M, Information Security Manager - National Building Society
Get in touch with one of our security consultants today
- No obligation
- Expert advice
- Tailored solutions
"commissum was particularly responsive and the project was well managed under demanding conditions. I was very happy with the technical standard. Very good value for money as well”
Mr Kenneth Y, Head of IT Risk & Compliance, International Retail Bank
"I was very pleased with the work delivered by commissum from start to finish. The quality of reporting was excellent and the consultants very helpful with clear communication throughout the engagement. I would happily recommend commissum to others.”
Ms Louisa L, IT Manager, National Building Society
"commissum provided us with a high quality service. We found the project team helpful and flexible in responding to changes in requirement; the technical staff in particular were excellent. All commitments including deliverable timescales were met and I would have no hesitation in recommending commissum.”
Mr A Moretti, Executive Director for IT Security Risk Management, Global Investment Bank
"From the start the project went very smoothly despite the short notice. commissum maintained excellent communication throughout ........ their flexibility and responsiveness right up to the end of the project was of great value to us.”
Mr Keith H, Senior Business Manager - UK Local Government