UK companies see employees as top risk to GDPR compliance

Most UK companies consider their staff as the biggest threat to compliance with the EU’s General Data Protection Regulation, a survey has revealed

A large number of the UK’s 2.55 million businesses are at risk of huge financial penalties, as employees ignore company policies around confidential data. Research from Sharp has identified that one in 12 office workers (eight per cent) has had access to confidential information that they should not have had, and nearly a quarter (24 per cent) admit to storing work information in the public cloud even though they are not permitted to.

File sharing and taking confidential data out of the office were also widespread with nearly a quarter (23 per cent) using public file sharing sites without business approval, and a third (31 per cent) ignoring office protocol by taking work home to complete. Even the rule makers in HR are flaunting IT policy, with 30 per cent of respondents who work in HR departments admitting to storing information in the public cloud, potentially jeopardising personal data.

Stuart Sykes, managing director at Sharp Business Systems, says, ‘It is up to businesses to find the right balance between modern ways of working and secure data sharing. When you also consider that 75 per cent of the workforce is now mobile and 81 per cent of employees access work documents on the go, businesses need to do more to keep up with their workers.’

Security and privacy expert Dr Karen Renaud says that the results showed a need for businesses to provide better support for employees, ‘As long as businesses continue to require or implicitly overlook insecure behaviours, security will always be sacrificed.’


Gregory Olczyk

Gregory Olczyk