The risk of unmanaged data being lost or stolen has never been so great. What can employers do to make sure we protect the data in our business?

Have you ever noticed the ill-matched absurdities of on the one hand, the Data Protection Act (one of the most misunderstood, misused, misquoted pieces of legislation I have ever come across) and the opposing effect of the goldfish bowls in which we place ourselves via vehicles like Facebook and Twitter? Couple this mis-match with the “kiss and tell” mentality of the tabloids, read by most of the population and you can see that discretion and keeping a stiff upper lip are rather out of fashion and the overall message about discretion and data security is confused.

We need to un-confuse ourselves and be clear that firm data management is essential. Social trends inevitably enter the workplace, creating risks for employers and those with who they deal. The cycle of technological change is now extremely fast. Mobile working has extended the office to trains, cars, home and on foot. Quicker and more diverse internet connections, and cloud computing have been great for business. But all of this also creates risks which we have to identify and deal with robustly. 

The potential to leak, lose or have data stolen is now considerable. We’ve all heard with varying degrees of horror, of laptops containing thousands of personal details (without even being password-protected in some cases) stolen from cars. Memory sticks get lost, files are left on trains, employees use unprotected Bluetooth devices in public and can find that information is stolen from them electronically.

How can employers manage the security of information, but more importantly instil a culture of discretion when it comes to sensitive information about the organisation, employees and associates, or about people who deal with the organisation?

What sort of things do employees do that poses a data security risk? Here are the top nine risks according to data security experts.

The Data Protection Act places a legal duty upon us to protect personal data i.e. any information about an individual held on computer or in organised filing systems that could identify the individual, either on its own or together with other information your business or a third party holds. Train employees to understand what we mean by sensitive data and provide guidance as to the way such data should be managed.

Companies have to protect their human and intellectual assets, now more than ever before. Taking precautions now will reduce both risk and liability.