5 Data Security Threats Every Small Business Should Know About

Although these findings are largely Information Technology (IT) based, the principles apply to manual records too. It is important to understand that IT is a mechanism by which we can conduct our businesses efficiently – because we have it does not mean that we have all the necessary measures in place to protect the data or meet our statutory data protection requirements.

1. Employee negligence puts an organisation at risk.
A company’s greatest asset—its employees— can also be its weakest link.
Top reasons cited for data loss include;
clicking links in spam email
leaving equipment unattended
not frequently changing passwords
visiting restricted sites

2. SMBs aren’t protected enough.
The majority of SMBs said that, in general, they can’t do enough to protect their data using the measures and technologies they currently implement.
Companies are no longer just at risk of losing data due to external threats such as hacking and compromises. They are, in fact, in even graver danger due to employee negligence or maliciousness.

3. Employee mobility may prove disastrous.
Mobile devices enable the workforce to access data from virtually anywhere at any time, allowing greater flexibility and productivity. Freedom, however, may come at a price.
Research shows that 56% of employees very frequently or frequently stored sensitive data on
their laptops, smartphones, tablets, and other mobile devices. This means there is more than a 50% chance that confidential information can land in the wrong hands should they lose these devices.
The Bring-Your-Own-Device (BYOD) Era is here to stay. As more and more business data is stored in or accessed by devices that are not fully controlled by IT administrators, the likelihood of data loss incidents caused by improperly secured personal devices will continue to rise

4. SMBs fail to routinely back up data.
Less than 50% of SMBs routinely back up data. This, along with risky employee behaviours, the Bring–your-Own-Device (BYOD) trend, lack of adequate security protection, and various other threats to data, is putting them at great risk.

5. SMBs do not enforce data security policies.
SMBs run the risk of losing data, employee productivity, revenue, and their reputation with the exponentially increasing number of data breaches. While technologies are important in data protection, properly managing the “human factor” will also help prevent your organisation from becoming a data breach victim.
SMBs should ensure data protection policies are put in place, communicated to employees, insiders and customers, and strictly implemented.

Reference: Source: Ponemon Institute, 2012