How can SMEs limit the damage that human error can cause?
People are the driving force behind the vast majority of businesses, yet any individual can still make mistakes.
A new survey from Ipsos MORI, carried out on behalf of information destruction firm Shred-It, found that small business owners deem human error to be the biggest security threat for the UK’s SMEs.
This is because staff are not trained on matters of company security, leaving many to make errors without even realising they are being made.
A quarter of SME owners believe that human error, including leaving sensitive information available to the public, is an issue yet 27% said they have no security policy in place.
Meanwhile, a third of those with policies in place admitted to never training their staff on the protocols to follow.
A major issue is that a third of bosses at small businesses said they were unsure of what is actually considered to be confidential data, stating they hold no data that would cause their business harm were it to be stolen.
This is untrue since every business has confidential data – from payslips to client records, meeting plans and employee data.
Should this information fall into the wrong hands, it could have major repercussions for a business, impacting upon its finances, damaging its reputation and even leaving it requiring legal assistance.
Understanding the risks involved is vital for businesses as they can then work to minimise the likelihood of human error impacting on their operations.
The key is communication, as employees need to receive training to make them aware of what behavioural traits to avoid – something as innocuous as throwing a payslip in the bin could have many consequences for example.
Taking responsibility should help cut the risk and limit the potential of any negative impacts on a firm – especially from a financial standpoint.
Putting issues right once they occur could leave a business in severe financial difficulty, or even in need of corporate recovery should they be hit with mammoth fines or court costs for example.
While there is no hard and fast rule for dealing with sensitive information, it certainly pays for business owners to have some sort of plan in place.
By Phil Smith