Being a company owner, you might think the biggest threat to your data are hackers and similar people who go after data for the profit of trading it. Although hackers are definitely a threat and you should be taking measures against them, too, the biggest threat, by far, is much closer to home: your employees.
According to the Ponemon Institute's new study, “The Human Factor in Data Protection,” employee negligence in protecting data – or even maliciousness in some cases – was the source of 80% of the issues reported to the survey. That means, out of the 709 surveyed IT security experts, over 560 of them said that their biggest problems came from within the company.
Not all of this data breach was intentional, however. The biggest data breach issue was caused when an employee lost a laptop or a smart phone, and the second largest reason was that employees had a third party mishap. Trailing in third at 29% was a glitch or hiccup in the system that was completely out of control of the user.
The most concerning piece of data was that 56% of all those who were surveyed stated that data thefts were discovered accidentally when IT experts weren't even looking for it.
You may be asking right now why a data theft, done by accident or not, wouldn't be immediately recognizable and correctable. Part of the problem is only a fifth of employees who caused the data breach in the first place confessed so the problem could be rectified quickly, and assessments and audits only seem to turn up an IT problem around 40% of the time. A measly 36% said that a problem with data security was found through their internal security system warnings. This leaves plenty of openings for accidental and intentional data theft.
One of the most shocking and upsetting facts is that employees mishandling information and also opening virus attachments or leaving computers unattended was more common in smaller businesses with under 100 employees. Small businesses are even less likely to have any protection for data at all – 65% of small business data is not encrypted or otherwise safeguarded against malicious intent.
So if you're a small to medium business, protecting your data is even more important than it has been in the past. Even though the cost per stolen or lost record has fallen for the first time in seven years, costs are still up: data loss results in a whopping 5.5 million in costs yearly.
Safe guarding your data from accidents and otherwise is one of the most important things you can do, and it shows in the statistics that not everyone agrees this is true. Even though the report also showed that customers are less likely to jump ship when there's been a data breach in your company, that doesn't mean losing data will spur people to come in droves – to guarantee that, make data protection a priority and reap the benefits.