Regulation and data protection in small businesses

By Martin Atherton

In a nutshell:

When it comes to data protection and information security regulations, the outlook for small
businesses in EMEA is in the balance. On one hand, their awareness of the requirements and
obligations they are under is good. However, in practice, capabilities to meet those obligations
are weaker than they should be and technologies that can help are under-exploited.

Key points:

  • Regulation does matter to smaller businesses. Many have policies in place to guide
    them, but policies don’t always equal processes and capabilities

  • Cracks appear when we examine the ways in which small businesses ‘do’ compliance:
    Less than a third have anything formal in place to help them achieve it

  • Small businesses are taking unnecessary risks: Most have no way of managing
    information retention, deletion and archiving or discovery, or rely on manual techniques

  • It is possible to address these areas with relatively little effort and cost to gain significant
    benefits such as the protection of information assets and ultimately, the business.




Leave a Reply