Monday, March 11, 2013
More than half of small businesses experience data breaches, study finds
The words "data breach" are often associated with large corporations. The term evokes reports of international firms being struck by hackers or committing acts of negligence which lead to the exposure of sensitive company or client information.
There's a good reason for this: such incidents tend to attract the most media attention. But this does not mean that they represent the full spectrum of data breaches, or even the majority. In fact, as a recent study demonstrated, the majority of small to medium-sized businesses (SMBs) have experienced data breaches, which suggests a need for improved secure file sharing tools and strategies among firms of all kinds.
SMBs at risk
The study, conducted by research firm the Ponemon Institute, found that among more than 1,200 participating U.S. businesses with less than $10 million in annual revenue, 55 percent admitted to having experienced at least one data breach. Among this group, more than 50 percent had numerous breaches in the 12 months prior to the survey.
According to the study, the bulk of these data breaches, almost all of which concerned digital records, were attributable to employee or contractor errors, such as losing devices or not following secure procedures.
More than 85 percent of survey respondents indicated they share customer and employee records with third parties for a range of purposes, including billing, benefits and payroll services.
Notably, the study found that only one-third of SMBs that experienced a data breach reported this incident to affected individuals, despite the fact that doing so is mandated by law in 46 states.
This reluctance to inform customers when their data has been exposed in a breach demonstrates that SMBs are well aware of the ramifications of these events. As people become increasingly aware of the importance of protecting their digital data, breaches are becoming an even greater stigma for companies of all sizes and types to bear. Yet failing to report these breaches, if this oversight is discovered, can lead to even worse consequences, including fines and a bigger hit to the firm's reputation.
While it is important for small businesses that suffer data breaches to report these incidents, ideally such firms should take greater steps to prevent these incidents from occurring in the first place.
For example, firms of all sizes should consider investing in dedicated secure file sharing tools. These solutions can immeasurably improve a business's data security by guaranteeing the integrity of all file attachments sent via email. This is critical for two reasons. First, sending and receiving files has become a vital aspect of many workers' days, regardless of industry. Secondly, workers will typically only use secure formats for sharing files if these solutions are easy to use. A firm that invests in an unwieldy program will find that employees prefer simple, unreliable options.
By choosing a secure file sharing tool that is both reliable and requires little to no additional time or effort, businesses can vastly improve usage rates among employees, and therefore greatly reduce the likelihood of data breaches emerging.