Poor cyber security habits are putting one in ten SMEs at risk, according to a new study.
A survey by Reckon found that 10 per cent of small business owners and employees regularly handle sensitive data on their personal devices or email accounts.
Meanwhile, documents at a quarter of SMEs are saved to individual desktop systems and not a central server, meaning that if a machine is lost to a technical failure or cyber attack then the data that it holds could be irretrievable – a potentially costly mistake to make.
Although it will come as little consolation to small businesses whose lax security practices have cost them time or money, the results were similar at larger firms.
25 per cent of SMEs with a turnover of £10 million or more send documents to personal accounts, while a third save them to their desktops rather than central servers.
“Sending and saving documents incorrectly and to personal devices breaches basic data security guidelines and could even put employers and employees at risk of breaching data protection laws,” wrote Mark Woolley, Reckon’s commercial director, in a blog post.
“The findings are especially worrying where SME owners are involved, as they are placing their own business’ sensitive information at risk.
“Incorrectly managing data and information in this way can pose financial, reputational and security issues to a business – something that no business owner wants to have to deal with.
“Bad habits can easily stick, particularly amongst teams within businesses where there aren’t clear policies around data security.
“I’d urge new businesses to set guidelines around working with documents and emails at the outset in order to give themselves a head start when it comes to keeping information safe.
“Businesses should also consider that new legislation such as the General Data Production Regulation will incorporate additional data security into law, making adhering to basic practices of vital importance.”
Photo © Hamza Butt (CC BY 2.0). Cropped.