2 July 2018 – A trend toward greater flexibility in working arrangements is here to stay, but alongside its obvious benefits, latest research shows an increase in the risk for breaches of confidential customer data. The 2018 Shred-it State of the Industry Report found that whilst 63 percent of organisations acknowledge the higher risk of a data hack or information breach when employees work off-site, many have not adequately addressed information security in remote working policies.
Shred-it’s Security Tracker survey revealed concerning statistics that highlight the information and data security risks currently threatening Australian businesses - both small and large. Despite their legal obligations, only 50 percent of all respondents have a strong understanding of the legislative requirements to adequately protect their customers’ confidential information.
“In the current environment of heightened concerns around information security and privacy, business leaders need ensure that they protect their customers from potential security risks and breaches whilst simultaneously managing an evolving workplace” says Tom Bell, Country Manager, Shred-it Australia.
Flexible working arrangements can bring a myriad of benefits to businesses and employees; the ability to work with customers on-site, achieve work-life balance, enhance employee satisfaction and cut down on office space costs. Almost a third (3.5 million) of all employed persons regularly worked from home in their main job or business in 2016 and this trend is likely to have continued.
The Security Tracker research showed that a majority (53 percent) of businesses have employees using flexible or off-site working arrangements. Most respondents (67 percent) also believe that the option to work remotely is becoming increasingly important, especially those in the business services and public service sectors.
However, preparedness to ensure security of information when employees work off-site does not match these expectations. Only 40 percent of small businesses have policies in place for storing and disposing of confidential information when working off-site, despite customers ranking the protection of their personal information as a high priority. Across all respondents, just 56 percent claim that their organisation has security protocols in place for employees using electronic devices that contain confidential information while working off-site.
Even when an organisation has comprehensive policies in place, these are only effective if employees are diligent in their application. Yet, only 55 percent of respondents regularly train their staff on information-security procedures or policies.
Alongside higher rates of remote working are Bring Your Own Device (BYOD) policies whereby employees use their own device for work, increasing productivity and employee satisfaction. However, there are risks to be avoided with the adoption of these policies, as BYOD also increases the opportunity of data theft, data leakage and malware intrusion caused by a device being connected to an organisation’s network.
“In an age of digital communication, the importance of physical materials, such as paper, is sometimes overlooked,” said Mr Bell. “For instance, our research shows that 59 percent of respondents think paper use will stay the same or increase over the next year
, leaving organisations vulnerable to the loss or theft of paper based private information.”
Already ‘dumpster divers’ search waste paper for documents to facilitate fraud and it is very easy for them to target employees who may have printed at home and unthinkingly thrown out. The report also showed that 10 percent of respondents reported lost or stolen equipment, and of these, around half (48 percent) indicated that sensitive company data was put at risk as a result. This rose to 60 percent of C-Suite respondents.
“The research shows that businesses need to respond to the multiple challenges of managing workforce engagement, customer expectations and legal obligations in terms of information security,” concluded Mr Bell. “Opportunities exist for businesses to do this successfully by putting in place the policies, practices, training and above all, a culture, to deliver on information security.”
Click here for Full Report
Click here for Infographic
For more information:
Sauce Communications (for Shred-it)
T: 0427 006 404
Shred-it is a world-leading information security company providing information destruction services that ensure the security and integrity of our customers private information. A wholly-owned subsidiary of the US based business to business services company Stericycle, Shred-it operates in 170 markets throughout 19 countries worldwide, servicing more than 400,000 global, national and local businesses. For more information, please visit www.shredit.com.au
About the 2018 Security Tracker Study
Ipsos conducted a quantitative online survey of two distinct sample groups: Small Business Owners (SMO) in Australia (n=1,003) with fewer than 100 employees, and C-Suite Executives in Australia (n=100), with a minimum of 100 employees. Data for Small Business Owners is weighted by region. Data for C-Suite Executives is unweighted as the population is unknown. The precision of Ipsos online surveys are calculated via a credibility interval. In this case, the Australia SBO sample is considered accurate to within +/- 3.5 percentage points had all Australian small business owners been surveyed, and the Australia C-Suite sample is accurate to within +/- 11.2 percentage points had all Australian C-Suite Executives been surveyed. The fieldwork was conducted between April 9th and April 21st, 2018.
In addition to the quantitative online survey, Ipsos conducted a short omnibus survey among a gen pop sample of n=1,000 Australians about data protection and security.