...

The Real Cost of Data Loss for Small Companies

Table of Contents

Why Data Loss Is a Major Risk for SMEs
  • Businesses today depend on digital information to perform their everyday tasks.
  • The majority of business data is stored in either computer systems or cloud systems (such as emails, invoices, etc.).
  • For a majority of small and medium enterprises (SME's), the information that they collect is required in order for them to carry out business.
  • Most small business owners do not fully comprehend how serious a risk data loss can be to their business.
  • When data is lost, businesses cannot operate, and many important projects will be delayed due to the loss of the data.
  • Losing your data can negatively impact your business relationships with your customers.
  • When businesses need to recover their data, it often costs more than they expect.
  • When companies use proper backup and data protection strategies, they minimize the possibility of experiencing data loss.
What Counts as Business Data
  • Many organisations fail to appreciate the extent to which their entire operation depends on data and in fact, there’s way more to business data than you might think.
  • Business data consists of:
  • Emails and other forms of correspondence
  • Customer and Supplier details
  • Financial records including accounts, invoices and payroll
  • Contracts or other forms of agreements
  • Shared documents / spreadsheets
  • CRM Systems
  • Cloud data storage such as Microsoft 365 files
  • To put it simply: if you need it to run your business, it’s considered to be critical data.
Common Causes of Data Loss
  • Let’s take a look at how data loss happens in SMEs in the UK…

Accidental Deletion

  • An employee accidentally deletes a folder they think is no longer required to be saved

Hardware Failure

  • The laptop or server fails, thus the files are no longer available to be accessed.

Ransomware Attacks

  • The files will be encrypted and cannot be used without a ransom payment.

Phishing Attacks

  • Login credentials have been taken which allows for someone to gain unauthorised access and delete files.

Cloud Misconfiguration

  • Files will be deleted or made public when the system administrator sets them incorrectly.

Employees make mistakes

  • Files could be overwritten, moved, or incorrectly edited.

Jeopardised or Stolen Equipment

  • Laptops or mobile phones are lost that contain important files.
  • Each of these happens regularly and are considered day-to-day risks.
The Hidden Financial Cost of Data Loss
  • The real financial loss for lost data is much more than just “lost files”.

1. Lost Productivity

  • If employees do not have access to company files:
  • Work is stopped
  • Deadlines cannot be met
  • Teams are idle
  • Losing even one day of productivity will cost the company thousands of dollars.

2. Recovery Costs

  • Recovery of lost data can be expensive to the company when utilising IT resources:
  • Emergency support calls
  • Specialised recovery programs
  • Investigative time required

3. Emergency IT Services

  • Many SMEs pay over the top for emergency support.

4. Lost Sales/Contracts

  • To miss deadlines due to untimely support or to lose proposals is to remove opportunities to make money.

5. Operational Downtime

  • If the businesses’ operational systems are not operational then:
  • No orders can be completed.
  • No services will be flagged for completion.

6. Compliance Liability

  • It is expected that businesses will manage their data in accordance with requirements set out under different frameworks (e.g. UK GDPR) and, when there are issues related to data loss, this creates potential liability for those businesses, specifically surrounding their customers’ data.

Creating Trust with Customers

  • Once customers have been impacted, it is difficult to turn that trust around.
Operational Disruption Caused by Data Loss
  • The impact of data loss can go beyond monetary value; it can also impact how your business operates as well.
  • Typical items that occur when a business loses data:
  • Employees not able to perform their jobs
  • Projects are delayed
  • Deadlines are missed
  • There are higher levels of stress among teams.
  • Many SMEs can experience a great deal of operational disruption when downtime occurs for only a few hours.
Reputational Damage and Customer Trust
  • There is an expectation for customers to receive a reliable service.
  • If your business suffers:
  • Data loss
  • Misses deadlines
  • And/or is unable to deliver services, your reputation can be damaged.
  • Depending upon the industry, your reputation can mean the difference between staying in business or closing shop!
Regulatory and Compliance Considerations
  • As a business, you are not only responsible for the protection of data you possess (whether it be customer or employee related), but you are responsible for:
  • The security of data.
  • The availability to access that data as needed. (systems to access)
  • Managing the retention of that data.
  • This guide does not provide legal suggestions or advice; however knowing there could be regulatory consequences from the data loss is an important consideration as some forms of data include customer data.
Why Many SMEs Underestimate the Risk
  • There are a few common reasons SMEs underestimate the potential for data loss:
  • "We are too small to be targeted."
  • "Our cloud vendor handles everything you have, so we should be fine."
  • "We have never had any issues in the past."
  • "The cost of having back up is either too high or too difficult to implement."
  • Unfortunately, the four statements above tend to lead to issues after the fact.
Questions to Ask About Your Backups
  • Inquiries Regarding Your Backups:
  • Do we have multiple backup copies?
  • How fast can we restore lost data?
  • For how long will we keep our backup copies?
  • Are our backup copies safe from potential ransomware threats?
  • When was our most recent test of our backup copy?

FAQs

Very frequently, most cases of data loss are due to everyday accidents rather than large-scale attacks.

Accidental deletion (understand, that is the general term) and human error.

It varies, recovering data without a backup typically takes days and may not even be possible.

By combining good security practices with a reliable backup system.

Using automated backups on a regular basis, which are stored separately from your other computing equipment.

About This Guide

This Guide was created by the Computer Support Centre as a resource for small and medium-sized companies to understand how serious data loss can be with effect to their businesses. Companies today use a large amount of email, financial records, documents, and cloud-based applications such as Microsoft 365 to accomplish their day-to-day business operations.

The Guide covers what business data is, how data loss most commonly occurs, and why many small businesses underestimate the risk of losing data. The Guide also outlines the hidden costs of losing important data that affect a company’s bottom line and/or business operations. The Guide includes case studies and questions that will enable companies to evaluate their current data protection strategies.

The primary goal of the guide will be to provide business owners with an understanding of the importance of data protection and good backup practices to ensure that their business operations protect against loss of data.

Conclusion

Small and medium-sized enterprises are at greater risk for data loss than larger companies. Data loss can occur due to accidental deletion, hardware failure, cyberattacks, and/or human error. When an organisation loses critical data, it can have a negative effect on financial performance, operational efficiency, and the confidence of customers in the organisation. These events may lead to severe repercussions for the affected organisations.

It is common for SMEs to underestimate the potential effects of data loss until it happens. They frequently lack either adequate hardware or adequate backup solutions to restore lost data following a failure. SMEs may find it extremely expensive and/or time-consuming to recover from data loss or may even not be able to do so at all.

The risk of data loss can be dramatically decreased by implementing a reliable backup solution, improving cybersecurity procedures, and routinely testing the data recovery process. Protecting data is essential to the day-to-day operation of an organisation as well as long-term viability, customer trust, and regulatory compliance.