New study reveals lack of awareness from UK law firms towards crucial document security issues
A new study by Altodigital, the UK’s leading independent supplier of digital print and document solutions, has revealed law firms could be compromising their confidential data and falling foul of data protection laws due to a lack of concern towards document security.
The study, which questioned more than 80 decision makers of law firms across the UK, revealed little awareness towards data security measures, with 47% of firms not locking away laptops at night, 41% failing to regularly change security passwords, 34% leaving important documents un-shredded, and 27% failing to use firewalls.
Among the most worrying findings was the overwhelming lack of knowledge around external print or scanning devices storing data sent to them on an internal hard drive, which can pose a potential hacking risk if they are connected to a company network and not protected properly.
Nearly half of respondents (45%) admitted taking no measures towards protecting the data stored on these devices, while over one-in-six (17%) failed to wipe the internal hard drive when the device is given away (19%), sold (17%) or dumped (9%).
The implications could be serious: nearly two thirds of firms regularly scan security-sensitive documents, including passports (63%), bank statements or financial records (63%), birth certificates (50%) and utility bills (44%) meaning they could risk falling foul of data protection laws. Proposed new EU regulations could see any company that holds personal information fined 2% of their annual turnover if caught breaking the guidelines – a cost firms can ill-afford.
Not only that, but potentially millions of sensitive documents could end up in the wrong hands or possibly be used for fraudulent activity.
This comes against the context that 23% have already had their IT systems hacked at some stage in the past, not to mention the ongoing threat of ‘internal’ security breaches resulting from staff accessing confidential documents.
Conducted in January 2013, the study sought the views of 84 decision makers at law firms across the UK when it came to document security as well as printer, scanner and photocopier practices.
Tony Burnett, group sales director at Altodigital, said: “The nature of the legal industry – where practitioners regularly handle extremely sensitive information – means document security should be of paramount importance and one that should be managed right from the very top.
“Despite what many may think, better document security comes down to taking common sense precautions, such as deleting internal hard drives before disposing of equipment, ensuring devices are correctly setup and configured to mitigate potential breaches, and internal security policies are implemented, as well as having an effective and secure managed document services infrastructure.
“Our message is clear: can you really afford to be complacent to these issues given the significant financial cost and potential for brand damage? Print technology is currently advancing at an intense rate, and with the upsurge in functionality and productivity, it also increases the risks posed to sensitive data travelling through devices. With the implementation of simple policies you can significantly increase the protection of your documents.”