A recent report released by document destruction company Shred-It indicates that the incidence of data breach among American companies continues to escalate, and employee negligence is the largest component of the problems. Shred-It’s 2018 State of the Industry Report states that 32 percent of U.S. corporations in their tracking survey reported data security incidents, up 10% from 2017.
84% of corporations and half of smaller businesses believe that employee negligence is their biggest information security risk. Employers also believe that the risk of data breach increases when employees work remotely. The stats bear out the concern. 69% of incidents reported by large corporations were due in some part to employee error, accidental loss, or deliberate sabotage.
At the same time, U.S. businesses may not be adequately training their employees. 89 percent of large company execs report that there are policies in place, but 18 percent question whether their employees are aware of the policies. 78 percent report that they train on information security policies and procedures at least once a year.
The European Union’s General Data Protection Regulation, now applicable to any company doing business with residents of the EU, imposes tight standards for how companies store and handle data and how they inform their customers about their policies. GDPR has raised awareness of data standards, even for smaller companies as have high profile incidents like the Facebook/Cambridge Analytica scandal.
U.S. Consumers say that data protection is important to their purchasing decisions:
- Which bank to use (92%)
- Which legal firm to hire (83%)
- Their choice of employer (81%)
- Selection of hotel (77%) and car dealership (75%)
Shred-it recommends that businesses implement physical safeguards to protect information, that they evaluate third-party access to confidential data, and that they develop a corporate policy for data stored on mobile devices. In addition, businesses should implement policies for destruction of used hard drives and permanent erasure of data at the end of equipment service life.
2018 State of the Industry Report | North America, Shred-It International, 2018.