The Infographic (pictured right) is created by one of our vendor partners, Trend Micro. It suggests (putting it bluntly) that employees can take much of the blame for data protection breaches. 78 per cent of organisations have suffered from at least one data breach over the past two-years, but only 8 per cent cited external attacks as the main reason. Loss of laptops and other mobile devices is the biggest failing. It looks like us employees could be responsible!
Bring Your Own Device (BYOD) is rather under rated on this Infographic. It only makes number 10 on the riskiest employee practices list. However, I think the risk could be much higher, especially in SMBs. Using the right software, large businesses, which have their own “fleets of IT” can control device access, website access, data encryption, applications, and in the event of device loss, remotely wipe data too. SMBs by contrast rarely provide staff with devices for work use, but still need to protect (but probably don’t) corporate data held or accessed (intentionally or by accident) using an employee’s own device.
Legislation will only increase
Personally, I don’t think individuals are all entirely to blame. They may lose the devices or cause the data breach, but SMB owners also need to take data protection more seriously. For one thing, legislation in this area will only increase. It is interesting that the research behind the infographic suggests only 43 per cent of organisations protect sensitive information with data protection technology. I should imagine in SMBs that figure is much lower.
Consultancy first, product sell second
The Infographic really highlights some sweeping trends, but for me the biggest point on data protection is that every company is different; every company operates with different levels of protection sophistication. The biggest opportunities for resellers right now – with support from consultancy-led distributors and vendors - is to sell consultancy services to end-user customers. Consultancy first, product sell second. Resellers should now be working with business owners to provide security audits, to really understand how their businesses operate and then to help them find the security holes. In many cases, owners simply don’t realise they have a security hole!