|By Business Wire||
|July 8, 2014 08:09 AM EDT||
A new study looking at the information security habits of Canadian c-suite executives and small business owners reveals that business leaders are becoming increasingly complacent. While Canadians are more aware of information security risks than ever before, Shred-it’s 4th Annual Security Tracker shows business leaders have taken little to no action to decrease risk of reputational damage or disruption to their business operations.
According to the study conducted by Ipsos Reid, small business owners are more aware today than they were in 2013 of the legal requirements concerning confidential data in their industry. Yet, for the second year in a row, only 46 per cent acknowledge having a protocol for storing and disposing of confidential data that is strictly adhered to by all employees, and 31 per cent admit to having no protocol in place whatsoever. Further, only 12 per cent of those surveyed admit to having both a locked container and a professional shredding service.
C-suite respondents share similar views to small business owners as it relates to information security. Only 42 per cent of c-suite executives admit to having a protocol in place for storing and disposing of confidential data that is strictly adhered to by all employees, and only half concede to having a locked container and a professional shredding service. The study also found that 10 per cent of c-suite respondents admit to throwing out sensitive documents without shredding them, a number which has risen significantly since last year.
“Organizations need to do more to ensure the safety of their confidential physical documents and digital data. Prioritizing information security by implementing policies and protocols that address all types of confidential information will decrease business risk,” said Bruce Andrew, Executive Vice President at Shred-it. “When you factor in the cost of recouping damages from a security breach, not to mention the reputational damage they can cause, it is increasingly necessary that business leaders educate themselves and action on best practices in information security.”
The security tracker also revealed that 63 per cent of small business owners have no cyber security policy in place for destroying digital assets, and almost half of small business owners surveyed have never disposed of hardware containing confidential information. When compared to the 33 per cent of c-suite executives who acknowledged having no cyber-security policy in place, it is clear there is plenty of room for improvement.
Canadian organizations are not alone in their battle to protect information and safeguard against digital data breaches. The Privacy Commissioner and Industry Canada have implemented legislation to govern how the private sector collects, uses and discloses personal information. That said, when grading the government’s response to information security, only 55 per cent of c-suite executives give the Canadian government a passing mark, suggesting the other half of respondents would like to see improvements.
“At Shred-it we assist businesses and federal government agencies in meeting compliance requirements brought forth by the Privacy Commissioner. We believe the government has done an excellent job focusing on the safety and security of individuals as part of its national security agenda,” says Andrew. “The secure destruction of confidential information is our top priority and we will continue to advocate for compliance education in Canada.”
Shred-it offers the following suggestions to help business leaders protect confidential information and begin establishing a culture of security:
- Demonstrate a top-down commitment from management to the total security of your business and customer information
- Implement formal information security policies; train your employees to know the policies well and follow them strictly
- Eliminate potential risk by introducing a “shred-all” policy; remove the decision-making process regarding what is and isn’t confidential
- Conduct a periodic information security audit
- Introduce special locked containers instead of traditional recycling bins for disposing of confidential documents
- Don’t overlook hard drives on computers or photocopiers. Erasing hard drives does not mean data is destroyed. Physical hard drive destruction is proven to be the only 100% secure way to destroy data from hard drives
Shred-it is a world-leading information security company providing information destruction services that ensure the security and integrity of our clients' private information. The company operates in 140 markets throughout 18 countries worldwide, servicing more than 300,000 global, national and local businesses. For more information, please visit www.shredit.com.
About Ipsos Reid:
Ipsos Reid is Canada's market intelligence leader, the country's leading provider of public opinion research, and research partner for loyalty and forecasting and modeling insights. With operations in eight cities, Ipsos Reid employs more than 600 research professionals and support staff in Canada. The company has the biggest network of telephone call centres in the country, as well as the largest pre-recruited household and online panels. Ipsos Reid's marketing research and public affairs practices offer the premier suite of research vehicles in Canada, all of which provide clients with actionable and relevant information. Staffed with seasoned research consultants with extensive industry-specific backgrounds, Ipsos Reid offers syndicated information or custom solutions across key sectors of the Canadian economy, including consumer packaged goods, financial services, automotive, retail, and technology & telecommunications. Ipsos Reid is an Ipsos company, a leading global survey-based market research group. To learn more, visit www.ipsos.ca.
About the 2014 Security Tracker:
Ipsos Reid conducted a quantitative online survey of two distinct sample groups: small business owners in Canada (n=1,006), and C-suite executives working for businesses in Canada with a minimum of 100 employees (n=100). This survey is considered accurate to within 3.5 percentage points had all small business owners been surveyed and to within 11.2 percentage points had all C-suites been surveyed. The fieldwork was conducted between April 28 and May 5, 2014.
"We got started as search consultants. On the services side of the business we have help organizations save time and save money when they hit issues that everyone more or less hits when their data grows," noted Otis Gospodnetić, Founder of Sematext, in this SYS-CON.tv interview at @DevOpsSummit, held June 9-11, 2015, at the Javits Center in New York City.
Jul. 29, 2015 11:45 PM EDT Reads: 1,021
The speed of software changes in growing and large scale rapid-paced DevOps environments presents a challenge for continuous testing. Many organizations struggle to get this right. Practices that work for small scale continuous testing may not be sufficient as the requirements grow. In his session at DevOps Summit, Marc Hornbeek, Sr. Solutions Architect of DevOps continuous test solutions at Spirent Communications, explained the best practices of continuous testing at high scale, which is rele...
Jul. 29, 2015 11:45 PM EDT Reads: 1,364
"We have been in business for 21 years and have been building many enterprise solutions, all IT plumbing - server, storage, interconnects," stated Alex Gorbachev, President of Intelligent Systems Services, in this SYS-CON.tv interview at 16th Cloud Expo, held June 9-11, 2015, at the Javits Center in New York City.
Jul. 29, 2015 10:45 PM EDT Reads: 1,024
In a recent research, analyst firm IDC found that the average cost of a critical application failure is $500,000 to $1 million per hour and the average total cost of unplanned application downtime is $1.25 billion to $2.5 billion per year for Fortune 1000 companies. In addition to the findings on the cost of the downtime, the research also highlighted best practices for development, testing, application support, infrastructure, and operations teams.
Jul. 29, 2015 05:30 PM EDT
"We specialize in testing. DevOps is all about continuous delivery and accelerating the delivery pipeline and there is no continuous delivery without testing," noted Marc Hornbeek, Sr. Solutions Architect at Spirent Communications, in this SYS-CON.tv interview at @DevOpsSummit, held June 9-11, 2015, at the Javits Center in New York City.
Jul. 29, 2015 05:15 PM EDT Reads: 362
How do you securely enable access to your applications in AWS without exposing any attack surfaces? The answer is usually very complicated because application environments morph over time in response to growing requirements from your employee base, your partners and your customers. In his session at @DevOpsSummit, Haseeb Budhani, CEO and Co-founder of Soha, shared five common approaches that DevOps teams follow to secure access to applications deployed in AWS, Azure, etc., and the friction an...
Jul. 29, 2015 04:30 PM EDT Reads: 498
"Alert Logic is a managed security service provider that basically deploys technologies, but we support those technologies with the people and process behind it," stated Stephen Coty, Chief Security Evangelist at Alert Logic, in this SYS-CON.tv interview at 16th Cloud Expo, held June 9-11, 2015, at the Javits Center in New York City.
Jul. 29, 2015 04:15 PM EDT Reads: 326
Digital Transformation is the ultimate goal of cloud computing and related initiatives. The phrase is certainly not a precise one, and as subject to hand-waving and distortion as any high-falutin' terminology in the world of information technology. Yet it is an excellent choice of words to describe what enterprise IT—and by extension, organizations in general—should be working to achieve. Digital Transformation means: handling all the data types being found and created in the organizat...
Jul. 29, 2015 04:00 PM EDT Reads: 1,068
The essence of cloud computing is that all consumable IT resources are delivered as services. In his session at 15th Cloud Expo, Yung Chou, Technology Evangelist at Microsoft, demonstrated the concepts and implementations of two important cloud computing deliveries: Infrastructure as a Service (IaaS) and Platform as a Service (PaaS). He discussed from business and technical viewpoints what exactly they are, why we care, how they are different and in what ways, and the strategies for IT to tran...
Jul. 29, 2015 03:15 PM EDT Reads: 396
The Internet of Everything (IoE) brings together people, process, data and things to make networked connections more relevant and valuable than ever before – transforming information into knowledge and knowledge into wisdom. IoE creates new capabilities, richer experiences, and unprecedented opportunities to improve business and government operations, decision making and mission support capabilities.
Jul. 29, 2015 03:15 PM EDT Reads: 240
The Software Defined Data Center (SDDC), which enables organizations to seamlessly run in a hybrid cloud model (public + private cloud), is here to stay. IDC estimates that the software-defined networking market will be valued at $3.7 billion by 2016. Security is a key component and benefit of the SDDC, and offers an opportunity to build security 'from the ground up' and weave it into the environment from day one. In his session at 16th Cloud Expo, Reuven Harrison, CTO and Co-Founder of Tufin,...
Jul. 29, 2015 03:00 PM EDT Reads: 466
The Internet of Things is not only adding billions of sensors and billions of terabytes to the Internet. It is also forcing a fundamental change in the way we envision Information Technology. For the first time, more data is being created by devices at the edge of the Internet rather than from centralized systems. What does this mean for today's IT professional? In this Power Panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists addressed this very serious issue of pro...
Jul. 29, 2015 03:00 PM EDT Reads: 1,257
Container technology is sending shock waves through the world of cloud computing. Heralded as the 'next big thing,' containers provide software owners a consistent way to package their software and dependencies while infrastructure operators benefit from a standard way to deploy and run them. Containers present new challenges for tracking usage due to their dynamic nature. They can also be deployed to bare metal, virtual machines and various cloud platforms. How do software owners track the usag...
Jul. 29, 2015 02:30 PM EDT
With SaaS use rampant across organizations, how can IT departments track company data and maintain security? More and more departments are commissioning their own solutions and bypassing IT. A cloud environment is amorphous and powerful, allowing you to set up solutions for all of your user needs: document sharing and collaboration, mobile access, e-mail, even industry-specific applications. In his session at 16th Cloud Expo, Shawn Mills, President and a founder of Green House Data, discussed h...
Jul. 29, 2015 02:30 PM EDT Reads: 324
Discussions about cloud computing are evolving into discussions about enterprise IT in general. As enterprises increasingly migrate toward their own unique clouds, new issues such as the use of containers and microservices emerge to keep things interesting. In this Power Panel at 16th Cloud Expo, moderated by Conference Chair Roger Strukhoff, panelists addressed the state of cloud computing today, and what enterprise IT professionals need to know about how the latest topics and trends affect t...
Jul. 29, 2015 02:00 PM EDT Reads: 1,169