Shred-it has released an interesting study on the implementation of security programs

Jun 19, 2013 20:11 GMT  ·  By

Shred-it, an information security company providing document destruction services, has published a study – conducted by Ipsos Reid – which shows that many small business from the US are not really aware of the impact that a security breach could have on a company.

According to the report, “The 2013 Shred-it Information Security Tracker,” 69% of firms are not aware or don’t believe that a breach resulting in data loss could have an impact on finances or business credibility.

This false sense of security results in the fact that many organizations don’t fully implement information security programs, and they don’t safeguard sensitive data as well as they should.

The study has also found that 45% of small businesses don’t have protocols in place for securing data, and over one third of them never train staff on information security procedures.

Only 18% of them would encourage new data privacy legislation that requires stricter compliance and harsher penalties.

“As we celebrate National Small Business Week, we're urging companies to be vigilant when it comes to information security,” said Mike Skidmore, privacy and security officer, Shred-it.

“We have seen a consistent increase in small businesses without security protocols in place and a crucial first step for practicing effective information security is improving awareness of policies and procedures. Organizations face a lot of risks, but enforcing sensitive data safeguarding as a company-wide practice will potentially avert both significant financial and reputational damage.”

Shred-it advises businesses to analyze the possible security gaps in the organization and in the supply chain, and assess existing security risks. A quick risk assessment survey is available on Shred-it’s website, here.