SMEs not on top of data security

UK SMEs are putting confidential information at risk despite their of data security concerns.

12/06/2015, news

Research from Shred-it reveals that despite 88% of SME business owners  claiming they are aware of their legal data protection requirements, this is still not translating into action with  fewer than a third of SMEs (28%) carrying out frequent information security audits.

Robert Guice, Executive Vice President Shred-it EMEA said: " “While it is encouraging to see data security awareness improve among UK businesses, it is simply not enough to be aware of the risks and legal requirements associated with information security, businesses in the UK must put this into action.

“SMEs are in serious danger of damaging existing relationships with larger businesses by not putting as much emphasis on information security as their C-suite counterparts.”

The survey also reveals that 27% of SMEs have no protocol in place for storing and disposing of confidential data.

The research also highlighted that SMEs were not aware of the overall impact to their business if these protocols are not put in place. 

Only 10% of SMEs claim that a data breach would seriously impact their organisation despite the potential legal, reputational and financial repercussions.

To find out more about data security visit the Information Commissioner's Office website

Source:, 2015.