In August I wrote about how you can protect your business against cyber attacks. External threats are real and dangerous, but so are the potential threats from within your business. While you may not like to point the finger at your employees, internal mistakes can and do happen. Leaks and data theft can pose a threat to your business’ reputation – one that you may never be able to recover from.
Your clients may have sympathy for you when it comes to things outside of your control but when breaches and mistakes are made from one of your own employees, doubts about the integrity of your business and how seriously you treasure confidentiality will linger.
You may believe that ‘it will never happen to my business’, but it happens more often than you think. New research by Direct Line for Business reveals almost a third (31 per cent) of UK small business owners have experienced critical business issues that have had a damaging impact on their business and a knock-on effect on their clients. These incidents include damage to a client’s business reputation following consultancy services, injuries sustained on a company’s premises by clients and the loss of confidential data.
The research also showed that bigger businesses are more likely to experience these problems. Only eight per cent of sole traders have experienced problems, compared to 25 per cent of micro businesses (enterprises with up to nine employees), 41 per cent of small businesses (10 to 49 employees) and 62 per cent of medium businesses (50 to 249 employees).
The survey results also showed that the most common incidents were employees being injured on site (29 per cent), having an employee steal money or information from the company or a client (21 per cent), losing a client as a result of giving poor advice (19 per cent) and having a client experience a financial loss because of service provided (18 per cent).
What’s more, the survey revealed that over two thirds (70 per cent) of small business owners who have experienced these issues said the incident had impacted their business, with the most common outcome being that they had to pay the compensation out of their own pocket. Other consequences included loss of staff and clients as well as a bad reputation to boot.
So how can you prevent data theft? Security that surveys and prevents both external and internal data breaches is paramount. So is keeping up with regulation pertaining to data protection like the General Data Protection Regulation that I wrote about last month. Failing that having good professional indemnity (PI) cover, which includes breaches of confidentiality by both current and former employees, is important too.
Direct Line says that over a quarter (28 per cent) of SMEs claim not to need PI cover. Worryingly, 24 per cent of the remaining businesses don’t have any PI cover in place, with eight per cent claiming not to be familiar with PI at tall. Of the companies that told Direct Line that they do have cover, more than one in five (22 per cent) have had to make a claim on it, with 10 per cent having to claim on it on multiple occasions.
There’s no doubt that plans have to be in place to prevent harm from internal as well as external data breaches. Without it, you’ll have to pay for any damages yourself. And if it ends up costing you in reputational damage it may be something you cannot afford.