Sage says e-businesses forget security basics

Companies spend on apps but neglect data protection

TODO alt text

British e-businesses are showing innovation but neglecting business fundamentals, according to a report from management software company Sage Pay.

Its third annual Sage Pay e-Business Benchmark Report shows that, while firms are investing more than ever in new apps and online technology to capture the growth in mobile transactions, it may be at the expense of basics such as data protection and fraud security.

Survey results show that 73% of the firms taking part in a survey are optimising their sites for mobile commerce and 22% have mobile apps.

But 18% of small businesses don't know if they comply with Payment Card Industry (PCI) regulations or not, and 58% don't understand it in the first place. Compliance to PCI standards ensures that consumer card data is secure.

Similar figures were recorded for larger companies.

Simon Black, Chief Executive Officer of Sage Pay, says: "Business simply cannot afford to ignore data protection. This means that consumer data is at risk and businesses face fines and reputational damage if there is a data breach.

"Fraud also remains a constant concern for consumers as well as businesses and should be high, if not highest on their agenda to address in 2013. The fact that some businesses aren't aware of whether they are PCI compliant is shocking."

Sage Pay, which is a subsidiary of The Sage Group, says the report reflects contributions from more than 1,500 small and large organisations in the UK. It defines a small e-business as one conducting fewer than 5,000 transactions per quarter and a large e-business as transacting over 5,000 transactions per quarter.