Data Breaches Threaten Small Businesses: Ponemon
The primary causes of the data breaches were employee or contractor mistakes, such as lost or stolen laptops or smartphones.A Ponemon Institute survey of small businesses throughout the United States found that 55 percent of those responding have had a data breach, almost all involving electronic records, and 53 percent had multiple breaches, suggesting the nation’s small to midsize businesses (SMBs) are at serious risk of a data breach. The primary causes of the data breaches were employee or contractor mistakes, such as lost or stolen laptops, smartphones and storage media, as well as procedural mistakes. Only 33 percent notified the appropriate people affected, even though 46 states require that individuals be contacted when their private information is exposed. At least 85 percent of those surveyed said they share customer and employee records with third parties such as those providing billing, payroll, employee benefits, Web hosting and IT services. When asked which type of lost or stolen data was more likely to harm their business, 70 percent agreed the loss of personally identifying information was more damaging than confidential company data. "Smaller companies are targeted by data thieves, but they often don't know how to respond when sensitive information they keep on customers and employees is lost or stolen," vice president of Hartford Steam Boiler Eric Cernak said in a statement. "Failing to act in a timely and effective way can harm the reputation of businesses and even risk legal penalties in many states."
The survey, conducted for The Hartford Steam Boiler Inspection and Insurance Company (HSB), part of Munich Re, also indicated sensitive information is more likely to be compromised when the data has been outsourced.