Data Breach News: Study Shows Small Businesses Are More at Risk Than Ever

Posted  June 30, 2015  by  Shred-it


Shred-it’s 2015 Security Tracker Survey is out, and the 5th annual online survey of small business owners and C-suite executives showed that in the United States and Canada, large businesses are doing a much better job than small businesses of protecting the confidential data that they generate.

“As small businesses continue to lag behind their larger counterparts,” said Sarah Koucky, Vice-President, Security at Shred-it, “they’ll increasingly expose themselves to not only theft and fraud, but severe financial repercussions that would result in bankruptcy.”

Here are some safe-guarding strategies that companies of all sizes can do, and some of the telling survey results:

  • Conduct regular audits of information security procedures. The annual Security Tracker showed that 69% of c-suite executives report frequent security audits while almost half of small businesses “never” or “rarely” audit their security protocols. A security audit can identify potential sources of data loss in the workplace.
  • Appoint an employee to be responsible for information security. Half of small businesses do not have someone in charge in this area.
  • Stay on top of privacy laws in your industry. The Security Tracker showed that 76% of c-suite executives are very aware of legal requirements of storing, keeping, or disposing of confidential data. But only 47% of small businesses are “very aware”, and 32% are “somewhat aware”. Non-compliance can result in fines and other penalties.
  • Implement a document management policy for storing and disposing confidential data. Almost 2/3 of large companies have document management protocols in place compared to 46% of small businesses; 37% of small businesses do not have a document management policy of any kind. While most c-suite executives said protocols for storing and disposing information off-site are provided as well, 41% of small businesses leave their mobile workforce to their own devices. Lost or stolen information can lead to an expensive data breach.
  • Implement a cyber security policy. The Security Tracker showed that 85% of large organizations have a cyber security policy in place compared to only 37% of small businesses. According to Symantec data reported in a story, targeted attacks on small businesses are increasing and accounted for 30% of all hack attacks in 2013 compared to 18% in 2011.
  • Improve document destruction policies. The Security Tracker showed that 70% of c-suite executives have locked consoles in their workplaces for documents that are no longer needed – compared to 40% of small businesses that do. Experts encourage partnering with a professional shredding service that provides locked consoles as well as regular servicing by trained personnel who remove documents for secure on- or off-site shredding.
  • Securely dispose of hard drives and e-media too. Almost 70% of c-suite executives said hard drive and e-media destruction is regularly scheduled compared to 11% of small businesses; 40% of small businesses never securely dispose of these materials.
  • Provide security awareness training. Most large businesses in the survey schedule annual training compared to only 3 in 10 small business owners that do.
  • Review security protocols of suppliers and other partners. Almost 60% of small businesses do not vet their suppliers. In comparison, large businesses ask suppliers about security safeguards including an information security policy, a security breach incident response plan, and a shred-all policy.

For more data security tips, check out our guide to information security in a workplace that should be safeguarded –for privacy protection and corporate competitiveness. You can also learn more about our secure shredding services can help prevent a data breach

Request a Quote

Fill out the form below and we’ll contact you with a free quote within the hour! (Between 8:00am and 5:00pm, Mon - Fri)

Select Service

Company info

Your info

Additional Info