It’s not all about BYOD; data security also remains a low-tech issue

Oliver Letwin dumps government secretsWhile firms worry about the loss of data through the practice of BYOD, employees continue to find low tech ways of breaching security according to a report from Iron Mountain. While under half (42 percent) of employees describe their organisation’s approach to hard copy as secure, one in ten describe it as chaotic. Nearly half claim to have seen confidential information lying around in the usual places such as on desks or photocopiers. The most common types of information exposed in this way are details of salaries and performance reviews as well as commercial and financial data, although many will remember the scandal that broke two years ago when Government minister Oliver Letwin (above) repeatedly dumped classified information in a park bin including some about Al Qaeda, Libya, Afghanistan, the Dalai Lama and Aung San Suu Kyi.

According to the survey behaviour of this sort is only partly down to human error or downright stupidity. Nearly a quarter of UK firms (22 percent) have no rules about data security and how to manage paper documents while 58 percent have no central archive. Just six percent of firms employ a data protection manager although the role might become compulsory if the proposed introduction of the EU data security directive comes into law. At the end of October of this year, the European Parliament voted in favour of the new Data Protection Directive, with approval for fines for breaches to be raised from 2 percent to 5 percent of a firm’s global turnover.

The Iron Mountain report also explores some of the issues around paperless working. Around ten percent of respondents claim they work in paper-free offices so the issue of hard copy storage and data security is irrelevant. Perhaps unsurprisingly respondents from IT  were most likely to describe their office as ‘paper-free’ (17.5 per cent), with those in the legal team least likely (6.5 percent). However, equally unsurprising is the fact that legal teams are most likely to have a managed central archive (57 per cent).