New research has revealed that human error and hardware failure are the two main reasons for data loss in organizations in the UK. The findings come as part of Databarracks’ Data Health Check report, a survey of over 400 IT decision makers.
The report states that 24 percent of organizations admitted to a data loss caused by employee accidents in the last 12 months. Other high-scoring causes of data loss included hardware failure (21 percent) and data corruption (19 percent).
Oscar Arean, technical operations manager at Databarracks, commented on the results:
“Human error has consistently been the biggest area of concern for organizations when it comes to data loss. People will always be your weakest link, but having said that, there is a lot that businesses could be doing to prevent it, so we’d expect this figure to be lower.
“The results weren’t consistent across all organizations though. When we broke them down by business size, we saw that for the second year in a row, it was actually hardware failure, which contributed the most towards data loss across large organizations at 31 percent (up from 29 percent in 2014).
“This isn’t surprising as the majority of large organizations will have more stringent user policies in place to limit the amount of damage individuals can cause. Secondly, due to the complexity of their infrastructure, and the cost of maintaining it, large organizations may find it more difficult to refresh their hardware as often as smaller organizations, so it’s inevitable at some point it will just give out.”
Arean goes on to suggest that SMEs should adopt more of a big business ethos when it comes to managing human error:
“The figures we’re seeing this year for data loss due to human error are too high (16 percent of small businesses and 31 percent of medium businesses), especially considering how avoidable it is with proper management. I think a lot of SMEs fall into the trap of thinking their teams aren’t big enough to warrant proper data security and management policies, but we would disagree with that.
“In large organizations, managers can lock down user permissions to limit the access they have to certain data or the actions they’re able to take – this limits the amount of damage they’re able to cause. In smaller organizations, there isn’t always the available resource to do this and often users are accountable for far more within their roles. That is absolutely fine, but there needs to be processes in place to manage the risks that come with that responsibility.
“Of course small organizations don’t need an extensive policy on the same scale that a large enterprise would, but their employees need to be properly educated on best practice for handling data and the consequences of their actions on the business as a whole. There should be clear guidelines for them to follow.”