Human error biggest business risk

Human error biggest security risk for a quarter of UK’s SMEs. Third of small business owners unaware of what constitutes confidential information. Over a quarter of SMEs have no information security protocols or training in place.

Human error biggest security risk for a quarter of UK’s SMEs. Third of small business owners unaware of what constitutes confidential information.  Over a quarter of SMEs have no information security protocols or training in place. 

SMEs in the UK are failing to train staff on how to correctly identify and dispose of confidential information which could lead to a costly data breach, warns the UK’s leading information destruction experts, Shred-it.A Shred-it survey conducted by Ipsos MORI found that although 24% of SME owners claim that human error, such as leaving sensitive information on desks, poses the biggest security risk to their organisation, more than a quarter (27%) do not have information security policies and procedures in place. A third of those who do, admit to never training their employees on these protocols.

Even more concerning is the fact that a third (32%) of small business owners are unaware of what constitutes confidential data, saying that they possess no information that would cause their business harm if stolen. However every business in the UK holds confidential data – from payslips to meeting agendas and employee or client records – that could lead to damaging financial, legal and reputational repercussions. “Employee error is understandably a big concern for UK small business owners. Leaving documents on a desk or throwing a payslip in the bin could pose a huge risk to an organisation. But how can business owners expect their staff to understand how to deal with confidential information if they can’t even identify what is confidential?’ said Robert Guice, Executive Vice President, Shred-it EMEA.  He added, “Small businesses need to step up and take responsibility for ensuring that everyone in their organisation is aware of the sensitive data they hold. Putting in place protocols on how to deal with confidential information, or even adopting a ‘shred-all’ policy that all staff are aware of, is essential for SMEs to protect their businesses.”

Since April 2010, the Information Commissioner’s Office (ICO) has issued over £7 million worth of fines to organisations that have experienced data breaches. This is costing businesses millions of pounds; but despite such high figures, SMEs are still not doing enough to safeguard themselves against breaches from within their organisation. Investing in workplace training is key to ensuring that SMEs do not suffer costly fines which could cause irreversible financial damage.

Unlike SME owners, C-Suite executives are much more likely to train their staff on information security protocols, with 36% of C-Suite executives providing frequent data security training (twice a year or more frequently) compared to only 11% of SME owners. This regular data security training highlights that large businesses are more prepared and aware than their SME counterparts when it comes to preventing and identifying data security risks and avoiding financial penalties in the process. Shred-it is calling on SME owners to implement workplace training for all employees to eliminate the risk of a data breach. This will ensure staff at every level are adequately trained on the importance of data security and able to spot and prevent potential human error-related slip-ups before a data security breach occurs.

Five tips to help you spot a data security error before it happens!
To ensure that employees know what to look for when spotting data security risks in the workplace, Shred-it advises small business owners to follow these tips:

Schedule regular information security audits to identify problem areas – and solutions. Introduce a shred-all policy, which means all documents are destroyed prior to disposal or recycling. Keep an inventory of all information that needs to be protected. Schedule on-going training so employees understand best practices for protecting confidential information – in and out of the workplace. Ensure employees are informed about the risks associated with data protection breaches and are well trained on which documents they should consider shredding and how to dispose of electronic data.

Read more

Latest News

Read More

Five ways to supporting employee financial wellbeing

26 November 2024

Newsletter

Receive the latest HR news and strategic content

Please note, as per the GDPR Legislation, we need to ensure you are ‘Opted In’ to receive updates from ‘theHRDIRECTOR’. We will NEVER sell, rent, share or give away your data to third parties. We only use it to send information about our products and updates within the HR space To see our Privacy Policy – click here

Latest HR Jobs

Human Resources Manager Cammell Laird This is a key HR role supporting leadership and managing day to day HR operations for our large Birkenhead based

Human Resources Manager Up to £42,000 per annum benefits (including 25 days annual leave and pension) Leatherhead, Surrey KT22 7TW. Rainbow Trust Children’s Charity is

University of Greenwich – HRSalary: £45,163 to £55,295 per annum, plus £5400 London weighting pro rata per annum

Universities UK – Human ResourcesSalary: £21,441 to £24,474 per annum pro rata, dependant on experience

Read the latest digital issue of theHRDIRECTOR for FREE

Read the latest digital issue of theHRDIRECTOR for FREE