Canadian workers unaware of company security rules: Poll

A survey on data security practices in large and small Canadian firms indicates that many workers are not aware of their company’s rules around data protection.

More than 57 per cent of C-level executives in large Canadian companies reported that although they have security protocols covering data security, storage and destruction, not all employees are aware of them, according to a survey by public opinion research Ipsos Reid for data security and destruction firm Shred-it.

The survey covered 1,000 small business owners and 100 C-suite executives of large Canadian businesses in different industries.

As many as 40 per cent of small business owners admit they do not have a document security protocol in place and 22 per cent of small business owners that they are either not aware of or “not very aware” of their industry’s legal requirements for storing and disposing of confidential data, the survey found.


Lost client data not encrypted IROC
Bill calls for mandatory data breach reporting

“The figures show us that people underestimate a data breach’s potential of creating trouble for a company and its clients,” said Bruce Andrew, vice-president of marketing for Shred-it. “Many workers and decision-makers are just complacent and not mindful of the dangers.”

For example, he said, only six per cent of small businesses and 24 per cent of large businesses train their staff on the company’s information security policies and procedures twice a year.

“Many organizations opt to train their employees on an as-needed basis or not at all,” said Andrew.

These findings he said dovetail with results of a recent survey by the office of the Privacy Commissioner of Canada, which revealed that only 13 per cent of Canadian businesses are taking the protection of personal information seriously.

The financial impact for businesses that experience is on the rise, he added.

As many as 15 per cent of large businesses reported losing upwards of $500,000 in 2013, up from just three per cent in 2012, said Andrews.

He also said that it is critical for businesses to ensure that sensitive and personal data is protected down the supply chain.

“Businesses may not realize that, while they may have implemented a strict policy of protecting confidential data, the information they share with partners and vendors may not be secure,” Andrew said. “All it takes is one gap for a breach to occur and a company’s reputation to be damaged.”


Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Nestor E. Arellano
Nestor E. Arellano
Toronto-based journalist specializing in technology and business news. Blogs and tweets on the latest tech trends and gadgets.

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now