As businesses continue to suffer losses as they do not avoid data breaches or data loss, it is becoming clear that organizations are failing to train staff on how to identify and dispose of confidential information.
Recently, Shred-it released a study and it shows a growing gap between large organizations and small businesses when it comes to information security. Some interesting stats in the study are as follows:
- 65 per cent executives surveyed claim they have corporate protocols in place for storing and disposing of confidential data compared to 42 per cent back in 2014.
- 45 per cent of large organizations have corporate policies that require suppliers to have an information security policy in place.
- 41 per cent require a security breach response plan.
- 37 per cent stated they do not have a protocol for storing or disposing of confidential data.
- 88 per cent say their large organizations claim that they “frequently” or “sometimes” conduct IT audits compared to 64 per cent back in 2014.
- 69 per cent claim that they train their employees on security protocols at least once per year compared to 43 per cent the previous year.
- 56 per cent say of small businesses stated they “frequently” or “sometimes” conduct audits compared to 36 per cent say they have never trained their staff on information security protocols.
In our previous article, “Why your company will fail the next compliance audit”, we addressed how auditing is becoming a standard practice in all industries. Business leaders must remember that auditing and training are two core ways a businesses can improve their IT security as well as put them in a better position to conduct business with larger Canadian organizations. IT security is not complex and there are many simple ways that can help mitigate the risk of a costly data breach.
How do you protect your business from a costly data breach?
- All employees that handle information should have filing cabinets with a lock.
- Company should use secure recycling bins and use a secure destruction of documents.
- Old IT hardware should be destroyed and you should request a certificate of destruction.
- All laptops should be locked to prevent physical theft.
- All smartphones should be secure to protect against it being lost or stolen.
- All software should be proactively updated to ensure all security holes are patched.
- Limit access to network folders with sensitive information using network security policies.
- Install professional anti-virus and anti-malware software on all computers, laptops and servers.
- Train all new employees on all corporate information security policies and procedures.
Would your company pass an IT security audit?
Our Complimentary Network and Security Assessment that will give you a real picture of your IT infrastructure including business goals and identifying gaps in security. 365 iT SOLUTIONS delivers a wide variety of services including Managed IT Services, IT Support Services, IT Outsourcing Services, Tech Support Services and Cloud Services.