Employee IT behaviour highlights GDPR compliance risk

A quarter of businesses admit to storing confidential data in the public cloud, with a tenth, being breached recently.

A large number of the UK’s 2.55 million businesses are at risk of huge financial penalties, as employees ignore company policies around confidential data. Research from Sharp has identified that one in 12 office workers (eight per cent) has had access to confidential information that they should not have had, and nearly a quarter (24 per cent) admit to storing work information in the public cloud even though they are not permitted to.

File sharing and taking confidential data out of the office were also widespread with nearly a quarter (23 per cent) using public file sharing sites without business approval, and a third (31 per cent) ignoring office protocol by taking work home to complete. Even the rule makers in HR are flaunting IT policy, with 30 per cent of respondents who work in HR departments admitting to storing information in the public cloud, potentially jeopardising personal data.

With the General Data Protection Regulation (GDPR) coming into force in May 2018, businesses will be subject to large maximum fines for certain data protection breaches, making the adoption of robust data protection policies and practices a priority.

Stuart Sykes, managing director at Sharp Business Systems, says, ‘It is up to businesses to find the right balance between modern ways of working and secure data sharing. When you also consider that 75 per cent of the workforce is now mobile and 81 per cent of employees access work documents on the go, businesses need to do more to keep up with their workers.’

Security and privacy expert Dr Karen Renaud says that the results showed a need for businesses to provide better support for employees, ‘As long as businesses continue to require or implicitly overlook insecure behaviours, security will always be sacrificed.’

Risks were not limited to digital information; two thirds of workers (59 per cent) reported that colleagues leave printed pages in the printer tray, significantly increasing the chances of documents being seen by the wrong person in the office.

Further reading on GDPR

Owen Gough, SmallBusiness UK

Owen Gough

Owen was a reporter for Bonhill Group plc writing across the Smallbusiness.co.uk and Growthbusiness.co.uk titles before moving on to be a Digital Technology reporter for the Express.co.uk.

Related Topics