Information Security Not Being Taken Seriously Enough By Some UK Businesses

9th July 2012

We read an interesting article on HRReview this week about the lack of awareness in the SME workplace about Information Security. We have summarised accordingly.

Data security in any business is crucial for the integrity of both customer information and company reputation. In an effort to determine what protocols are being implemented and practiced by UK companies, a document destruction company commissioned an independent study administered by IPSOS MORI to determine how serious businesses are about securing confidential information.

The results from the Shred-it Security Tracker survey of 1,004 small to medium sized UK businesses were troubling. Surprisingly, more than half of those surveyed, 59.8%, admit that they have minimal protocols in place to protect sensitive data within their organisations.

UK law currently requires businesses to provide secure storage and disposal of confidential information. Survey results show that 23.1% of the businesses surveyed had little or no knowledge of these requirements, or that regulation violations can result in steep fines.

Some troubling statistics revealed by the report included that 81.9% of surveyed businesses perform their own document destruction, with 72.2% having no secure location for documents awaiting destruction. Nearly 13% have no protocol for document destruction at all, and 46.4% have no one specifically assigned to oversee data security. A scant 5.4% of these companies use professional document destruction services.

Another area of concern was electronic storage devices, with 77.4% of the businesses surveyed improperly disposing of discarded hard drives.

According to survey results, UK businesses need to implement better training of employees regarding data security and improve data security protocols, such as secure storage of documents and hard drives awaiting destruction.

Low cost, UK Online recruitment agency- RecruitmentRevolution.com.