Small firms urged to act as data security fines hit £1.8m


Small businesses have been urged to put measures in place to prevent data security lapses after the number of firms breaching rules increased.

Companies which allow private information to be accessed easily can face hefty fines. The number of warning notices for data security lapses issued by the Information Commissioner’s Office (ICO) reached 68 in the year to June 3. This was an increase on the figure of 46 for the previous year.

The ICO issued 15 fines totalling £1.8m over the past year, compared to just six fines worth a total of £431,000 in the previous year.

Private organisations which lose data are increasingly facing action from the ICO, although most of the fines are still handed to public bodies, according to analysts with Syscap.

Small businesses can be particularly vulnerable to crackdowns from the ICO because they do not have the appropriate safeguards to properly monitor and track their ICT equipment, researchers said.

The ICO recently released a best practice guide on how smaller firms could keep their data safe.

Data security expert Graeme Batsman, director of Data Defender, said he was not really surprised to see an increase in the number of data security lapses made by businesses.

“Most people think data security is about plonking a hardware firewall and antivirus on each computer. It is not and it is more about controlling/securing people, data and devices. It is no good having a firewall if a laptop disappears.

“The ICO only fine a very small percentage, under 5% I believe, so the government is nearly saying it is fine to break the rules. Most fines go to larger companies or public sector, so again small business are less interested

“The government could help by releasing guides which small-to-large companies can understand. Even IT experts and lawyers can find it hard.”

He continued: “The ICO’s latest small business security guide was the most decent yet but could be a little more helpful. Unlike larger businesses, smaller ones’ reputations can be tarnished and do not have the large PR departments.

“A loss of a licence (FSA maybe) can kill a small company 100%.

“Small businesses have fewer customers and the percentage of each customer is worst. Lose two or three and your ratio turnover is down greatly.”