HP has released its latest Australia IT Security Study, a survey exploring the IT security attitudes and behaviours of Australian SMEs and the second of its kind undertaken by HP Australia this year. The study has revealed many Australians are choosing not to share their personal information with SMEs, likely due to growing data privacy concerns, despite SMEs indicating that this data is critical to their success.
In the wake of a series of high-profile data breaches, 46 per cent of Australian SMEs surveyed said that their customers are increasingly opting out of data collection and sharing. Even business owners themselves were found to be wary, with 67 per cent stating they are uncomfortable with other businesses storing their personal data.
This finding is concerning since the study also found access to customer data, such as names, contact details, banking or payment details, and even buying behaviours, is playing an increasingly critical role in the day-to-day business operations and competitiveness of Australia’s two million-plus SMEs. Customer data is integral across the business, from product development to sales and marketing. Half of SMEs surveyed (49 per cent) said access to customers’ personal information is essential to their day-to-day business operations, while 60 per cent said they needed detailed customer information to deliver more personalised customer services and to ultimately grow their business.
A key barrier to customers providing their personal information could be a lack of confidence that their data will be kept secure. Indeed, the Office of the Australian Information Commissioner (OAIC) has reported that personal contact information such as home address, email and phone number details feature in 89 per cent of data breaches.
“The past year has seen a number of high profile data breaches, which has no doubt increased consumer wariness around how businesses collect, use and store their personal data,” said Paul Gracey, interim managing director, HP South Pacific. “In a climate where most Australians have some nervousness around maintaining their privacy, SMEs need to be extra diligent in maintaining their role as trusted custodians of a customer’s most personal information.”
Despite these growing data privacy concerns, many Australian SMEs remain unaware of the potential costs involved and the steps they need to take to protect their customers’ information.
The HP Australia IT Security Study 2018 found that 42 per cent of Australian SMEs surveyed had not completed an IT risk assessment and a further 17 per cent weren’t sure if they had or had not completed an assessment. Of these, over one-in-three cited cost and a lack of knowledge and skills as the greatest barriers to completion.
“The fact that Australian SMEs are strapped for resources and cash isn’t news. What the study did uncover was the extent of this problem: just 39 per cent of SMEs have a dedicated IT security specialist protecting their infrastructure and their customers from a data breach. In over a quarter of cases, business owners themselves are responsible for IT security,” Gracey said.
“HP’s research has found that most business owners understand that a data breach has the potential to cost them customers, revenue and their reputation. But they are naturally laser-focused on growing their business and doing what they do best, rather than IT security, so need to look to technology partners to help them navigate these new data privacy imperatives,” he added.