A tenth of small business owners and employees regularly share confidential files on personal devices or send documents to personal rather than work emails, as employees still possess poor IT habits.
The findings, which show a significant lapse in data security amongst the UK’s five million plus small businesses, were highlighted in research conducted by software developer Reckon.
Furthermore, the research finds that a quarter of small business owners (25 per cent) and their teams save documents onto their desktops rather than onto a central server.
Less than a fifth (16 per cent) of businesses aged ten and under regularly email files to personal addresses in breach of data security guidelines, compared to just seven per cent of those aged ten-20 and four& per cent of those aged 20-35.
Surprisingly, these statistics were just as prevalent, in larger SMEs with a turnover of £10 million or more. Reckon’s survey found that the same ten per cent of these larger businesses sent documents to personal devices and a third saved documents on desktops rather than central servers.
Reckon believes the reasons behind these data breaches may include ease of access when working remotely, and keeping documents to hand rather than sorting through mismanaged folders.
Sending and saving documents incorrectly and to personal devices breaches basic data security guidelines and could even put employers and employees at risk of breaching Data Protection laws. Such practices also place confidential information at risk of hacks or unauthorised use and also mean that employers cannot provide complete audit trails of documents within their own business.
Mark Woolley, commercial director for Reckon Software’s Virtual Cabinet, says, ‘It’s truly concerning that so many SMEs here in the UK are ignoring basic data protection rules. The findings are especially worrying where SME owners are involved, as they are placing their own business’ sensitive information at risk. Incorrectly managing data and information in this way can pose financial, reputational and security issues to a business; something that no business owner wants to have to deal with.
‘Bad habits can easily stick, particularly amongst teams within businesses where there aren’t clear policies around data security. I’d urge new businesses to set guidelines around working with documents and emails at the outset in order to give themselves a head-start when it comes to keeping information safe.
‘Businesses should also consider that new legislation such as the General Data Production Regulation will incorporate additional data security into law, making adhering to basic practices of vital importance.’