GDPR is watching. British firms unsure of basic data protection policies and many still use USB sticks as primary storage solution
New research from Seagate makes for somewhat depressing reading about the data habits of employees at the UK’s small and medium-sized businesses (SMBs).
The Seagate research suggested that only 35 percent of SMBs have company storage centralised with on-site servers. Another 29 percent use cloud-based storage solutions (lets hope they encrypt the data first), but worryingly 23 percent (a fifth) of UK SMB staff say they use portable storage such as USB drives as their primary way of storing company data.
This is despite the fact that UK businesses from June have to contend with the General Data Protection Regulation (GDPR), which promises much tougher penalties as it gives individuals the right to know how their data is used and to decide whether it is shared with other firms or deleted.
The Seagate research gathered the responses of 1,006 UK SMB employees, and probed them about their employers’ data storage practices, preparedness for GDPR, cybersecurity policies, and how often they delete outdated files from their work computers and company servers.
The results revealed some very sloppy habits at British firms which suggested that that many British companies are finding it hard to store and manage their company’s data effectively.
The fact that many SMBs lack a centralised storage server and instead store company data in disparate locations of course represents a significant security risk, as well as making it time-consuming for staff to sift through lots of documents to find what they need.
The fact that many still utilise USB sticks to store company data is also a major concern, considering their tendency to get lost and the risk USB sticks pose when malware infected USB drives are plugged into corporate computers.
The Seagate research also said that British work habits are changing thank to flexible working policies, with 14 percent of staff working from home, according to the Office of National Statistics.
But Seagate’s research actually found that two thirds of those surveyed work from home, but this does present challenges.
For example nearly half (49 percent) of UK SMB employees who work remotely report having difficulty accessing their work files whilst out of the office, and 46 percent of staff at companies with 50-99 employees run out of space for their data at least once per month
But at least the Seagate research found that most firms are aware of the importance of backing up their data, with backups happening 15.4 times per month, or approximately once every two days.
Seagate also found that over a quarter (28 percent) of SMBs back up their data at least once per day.
But again, there is a lot more to do than just backing up data on a regular basis. For example over half (52 percent) of workers at companies with 10-249 employees report not deleting items off their work computers more frequently than once per month.
Even more concerning, four in ten (44 percent) of UK SMB workers either aren’t sure of their company’s GDPR policy, or say it doesn’t have one.
And 15 percent of UK SMB workers say their company has suffered a data breach or cyberattack.
Almost a quarter (23 percent) of employees reported their company does not have a plan of action in the event of a data breach or cyberattack, and 37 percent did not know if there was a plan in place.
“Britain has nurtured an impressive ecosystem of entrepreneurs and SMBs over the past few years,” said Alessandra de Paula, director of channel marketing EMEA at Seagate.
“These businesses are ambitious, driven, and looking for rapid growth in markets often packed with incumbent big players,” said de Paula. “In this landscape it’s easy to appreciate why data management, data protection and regulatory compliance aren’t always top of the priority list.”
“However, data is the new currency of the digital age; and SMBs that take control of their company data will find that it pays dividends in the increased productivity and efficiency their employees will demonstrate when they are able to access the data they need, wherever they need it,” said de Paula.
SMBs are highly advised to consider some form of NAS (network attached storage) device and to educate their workforce about the firm’s data policies.
Last year research from Big Data LDN and Hortonworks painted a more optimistic picture of the storage habits of large British corporations.
That report suggested that the UK’s data experts are “world-class and the UK can easily cope in future, especially in the face of increased EU data protection laws by providing more opportunities to capitalise on the hidden value of both existing and new datasets.”