Workplace Mobility Making Canadian Businesses Vulnerable to Data Breaches: Shred-it Study

The annual Shred-it State of the Industry Report reveals Canadian businesses are not prepared for open-concept offices and off-site work environments.

OAKVILLE, ON, June 20, 2018 /CNW/ - Shred-it released its annual State of the Industry Report today which exposes information and data security risks currently threatening Canadian enterprises and small businesses and includes survey findings from the Shred-it Security Tracker. The study found that Canadian businesses, while embracing the concept of workplace mobility, are failing to implement proper data protection policies and staff training, putting them at a heightened risk of a data breach.

The survey findings, conducted by Ipsos, revealed the following:

• Almost 90 percent of C-Suite Executives (C-Suites) and half of Small Business Owners (SBOs) reported that their organizations offer flexible or off-site work environments to employees and more than two-thirds believe that the trend towards working remotely will increase over the next five years.
• However, the majority (82 percent) of C-Suites and almost two-thirds (63 percent) of SBOs feel that the risk of a data breach is higher when employees work off-site.

"In an era of increasing workplace mobility and one in which a single data breach can destroy a business's bottom line and reputation, companies have no choice but to make information security a priority," said Paul Saabas, Vice President, Shred-it. "One of the smartest things a company can do to differentiate itself today is to make data security a core part of its business practices and communicate this to consumers." 

The study also revealed that businesses are not addressing information security risks with the required training, policies and enforcement mechanisms:

• Thirty-eight percent of SBOs reported not having any protocols in place when employees use electronic devices containing confidential information.
• Forty-six percent of SBOs stated they have no policy for storing and disposing of confidential information when employees work off-site.
• Just 27 percent of SBOs offer employee training on using public Wi-Fi, compared to 48 percent of C-Suites.

Furthermore, only half of C-Suites reported that they train their employees on the following practices: keeping sensitive information out-of-sight when working in a public space (58 percent), sharing company-issued electronic devices with family and friends (53 percent), and keeping company-issued devices safe from interference at home (53 percent).

This oversight in employee training for both large enterprises and small businesses can have a huge impact on a company's bottom line and reputation if a data breach does occur.

Millennials and Data Security: Not as savvy as we thought

The study also examined millennials (18-34) and the topic of data security. The results were surprising – and concerning. Millennials, despite having grown up in the digital and mobile era, are lagging behind their generation X (35-55) and baby boomer (55+) colleagues when it comes to safe data protection practices.

• Forty-eight percent of millennials leave their notebooks on their desk after they leave work for the day, compared to 37 percent of generation X, and 21 percent of baby boomers.
• Thirty-seven percent of millennials report regularly leaving their computer on and unlocked after work, compared to 22 percent of those between the ages of 35-54, and 12 percent of those 55 and over.
• Only half of millennials regularly shred confidential documents, compared to 65 percent of generation X, and 52 percent of baby boomers.

"It really is quite surprising that millennials are not taking the issue of data security as seriously as they should," noted Mr. Saabas. "What the results show us is just because a younger person is comfortable using technology doesn't necessarily mean they are knowledgeable about privacy and data risk issues. Without the right training and behaviour, they could be putting their employer at risk, not to mention their own personal brand."

To learn more about the 2018 Security Tracker and to receive additional findings, download the 2018 Shred-it State of the Industry Report.

About the 2018 Security Tracker Study

Ipsos conducted a quantitative online survey of two distinct sample groups: small business owners in Canada (n=1,002), and C-suite executives working for businesses in Canada with a minimum of 100 employees (n=100). The precision of Ipsos online surveys are calculated via a credibility interval.  In this case, the Canada SBO sample is considered accurate to within +/- 3.5 percentage points had all Canadian small business owners been surveyed, and the Canada C-Suite sample is accurate to within +/- 11.2 percentage points had all Canadian C-Suite Executives been surveyed. The fieldwork was conducted between April 3rd and April 21st, 2018.

In addition to the quantitative online survey, Ipsos conducted a short omnibus survey among a gen pop sample of n=1,002 Canadians about data protection and security.

About Shred-it 

Shred-it is a world-leading information security company providing information destruction services that ensure the security and integrity of our clients' private information. Shred-it, a Stericycle solution, operates in 170 markets throughout 19 countries worldwide, servicing more than 400,000 global, national and local businesses. For more information, please visit www.shredit.com.

About Ipsos

Ipsos ranks third in the global research industry. With a strong presence in 87 countries, Ipsos employs more than 16,000 people and has the ability to conduct research programs in more than 100 countries. Founded in France in 1975, Ipsos is controlled and managed by research professionals. They have built a solid Group around a multi-specialist positioning – Media and advertising research; Marketing research; Client and employee relationship management; Opinion & social research; Mobile, Online, Offline data collection and delivery.

Ipsos is listed on Eurolist - NYSE-Euronext. The company is part of the SBF 120 and the Mid-60 index and is eligible for the Deferred Settlement Service (SRD). www.ipsos.com

SOURCE Shred-it

For further information: Alison Joutsi, NATIONAL Public Relations (for Shred-it), T: 416-586-1952, E: [email protected]; Katarina Kristanic, Director, PR, Media & Social, Shred-it, T: 905-491-2213, E: [email protected]