British companies are facing severe financial penalties, of up to $100m because their employees ignore the company’s guidelines on confidential information.
The EU General Data Protection Regulation (GDPR), which came into force in under a year, found that 8% of workers had access to private data that they must not have had. In comparison, 24% had information stored in the public cloud, even if they are not allowed.
Other results from Sharp’s research showed that 23% make use of public file-sharing websites without commercial approval, and 31% disregard office procedures by taking uncompleted work home.
Unluckily, ignorance is not a sufficient defence for all employees, particularly those who work in the human resource department and ignore IT information policies. Sharp discovered that 30% of HR respondents stored data in the public cloud and ignored the policy.
Stuart Sykes, general manager of Sharp Business Systems, said that it was up to companies to strike the correct balance between contemporary work methods and secure data exchange. He also emphasized that since 75% of the labour force is now mobile and 81% of workers have access to work documents anytime and anywhere, to keep up with the workers, companies have a lot to do.
The issue is widespread and is not limited to digital data. About two-thirds (59%) of employees said that their colleagues left printed pages in the printer compartment.
Data protection and security specialist Dr Karen Renaud said that as long as companies continue to ignore implicit or unsafe behaviour, security is continuously sacrificed.
Companies need to considerably improve the training of their employees if they need to enhance their safety and even allow remote GDPR violations to be avoided.
The study is based on replies from 6,045 office employees in the EU and 1,006 office workers in the UK.