Over a quarter of small and medium businesses (26%) consider protection from security risks their least important business priority, according to a survey commissioned by Orange. This is despite a high level of awareness of the possible risks, with 78% of those surveyed concerned that data theft, computer viruses or the loss of a mobile device or laptop could affect their business.
One in ten (11%) business owners also claimed to have lost revenue due to data loss from a device and 12% stated that they have lost competitively sensitive material through security problems.
Across the UK business attitudes towards data security varied greatly. The Orange survey found that businesses in Northern Ireland were most aware of security risks with 50% ranking it as their first business priority; even above growing their customer base or increasing productivity.
By contrast in the North East, none of the small and medium businesses questioned in the survey regarded information security as their top priority. Even in Northern Ireland, these concerns have not resulted in action, with business owners failing to take the most basic steps to protect themselves from data loss or theft.
If a business loses or has a mobile device stolen, less than one fifth (18%) of respondents are able to wipe their mobile devices remotely. The research also found that more than a third (38%) rely on passwords alone to protect their laptops and mobiles, instead of adopting additional measures such as automatic wiping or locking facilities.
The research revealed that half of small businesses do not seek the specialist help and advice they may need to protect themselves with 50% of business owners managing their own IT and communications systems. While being a jack of all trades is a key to their success, it could be detrimental in the long term as many may lack the knowledge to implement IT security measures effectively. The survey supported this, with nine out of ten (89%) businesses only having standard security measures in place (such as anti-virus or firewall protection), and lacking a specific device security policy, putting them at unnecessary increased risk from information security breaches.
To help small businesses be better protected, Orange is offering some simple guidelines to help begin to improve their data security: It may sound simple, but it’s surprising how many people forget to back up their devices – to avoid permanently losing the information contained in your contacts, calendar and email make back up a priority; To add an extra level of security to your password function, make sure you change it regularly – every month if possible; If devices are being shared between employees or used by some employees for both work and personal use, you can set usage and access restrictions – for instance on high risk websites whose content could negatively impact your business; Last but not least, if a user leaves the company you can use the factory re-set application to wipe any sensitively stored information on the device before passing it on to another employee.
“Our research highlights that it is not just about having the right technology – small and medium businesses also need to know how to use and protect their data. With only a third (37%) of companies training staff on how to securely use business devices, we encourage business owners to educate themselves and their employees in device security best practice to make sure that they are tackling the potential risks before they become security breaches – and most importantly, before they lose revenue as a result,” said Martin Lyne, director of small and medium business, Orange UK.