Threat or opportunity?

Regulation and data protection in small businesses

Published/updated: June 2010

By Martin Atherton

In a nutshell:

When it comes to data protection and information security regulations, the outlook for small businesses in EMEA is in the balance. On one hand, their awareness of the requirements and obligations they are under is good. However, in practice, capabilities to meet those obligations are weaker than they should be and technologies that can help are under-exploited.

Key points:

  • Regulation does matter to smaller businesses. Many have policies in place to guide them, but policies don’t always equal processes and capabilities
  • Cracks appear when we examine the ways in which small businesses ‘do’ compliance: Less than a third have anything formal in place to help them achieve it
  • Small businesses are taking unnecessary risks: Most have no way of managing information retention, deletion and archiving or discovery, or rely on manual techniques
  • It is possible to address these areas with relatively little effort and cost to gain significant benefits such as the protection of information assets and ultimately, the business.


Featured Content