Company acquisitions can have a devastating impact on information security and management, with the employees of acquired firms more preoccupied with the potential impact on their role than with the need to effectively integrate the information of both companies, according to new European research[1] by storage and information management company Iron Mountain. This lack of focus during an acquisition could leave information at increased risk of loss or exposure. The picture is different when companies merge, and employees stay focused on integration and ensuring company information remains well managed.
The top two information concerns of employees at acquired firms are: confusion around responsibilities for managing the information (34 per cent) and the prospect of change to their information management systems (33 per cent). Just over a quarter of employees (27 per cent) at acquired firms worry about consolidating different sets of customer or company records, and less than one in five (17 per cent) worry about how to deal with data discrepancies, duplication and overlap.
This contrasts sharply with the concerns of staff at the acquiring firm, where 41 per cent worry about integrating the two data sets and 34 per cent are concerned about the quality of the data.
Furthermore, one in three employees of acquired firms say there are no policies for integrating records or protecting customer data compared to just 19 per cent of those at the acquiring firm. Paper records are a serious concern, with 44 per cent of newly acquired firms saying there is no process for integrating paper into new digital systems, and 31 per cent saying the same for the storage of the paper archive.
The picture for company mergers is very different, with employees at both firms focused equally on addressing the main aspects of information management. Nearly three quarters (71 per cent) of employees feel supported in record integration during a merger, and nearly two thirds (62 per cent) feel the same about the protection of customer data.
Discussing the findings, Charlotte Marshall, Managing Director of Iron Mountain in the UK, Ireland and Norway said: “Information management is often an afterthought when companies merge. However, given the value of information and the desire of merging firms to rationalise cost structures, it should be a priority. Joining forces with or acquiring another organisation provides an opportunity for firms to re-evaluate their information management programmes and make the changes required to drive consistency, increase security and improve access to information.”
“Our study shows that the emotional impact of acquisitions can cause employees to lose focus on how information is managed. Information on paper is particularly vulnerable, with many firms having no effective storage or integration plans in place, thereby leaving potentially valuable data at increased risk of loss or exposure. Because employees can feel insecure and unsupported during times of change, communication is key. Consistent and clear instruction on how to deal with the information challenges ahead will help employees to understand how information should be managed going forward, where the key responsibilities lie, and what advantages new information management processes can bring.”
About Iron Mountain:
Iron Mountain Incorporated (NYSE: IRM) is a leading provider of storage and information management solutions. The company’s real estate network of 64 million square feet across more than 1,000 facilities in 36 countries allows it to serve customers around the world. And its solutions for records management, data backup and recovery, document management and secure shredding help organisations to lower storage costs, comply with regulations, recover from disaster, and better use their information for business advantage. Founded in 1951, Iron Mountain stores and protects billions of information assets, including business documents, backup tapes, electronic files and medical data. Visit www.ironmountain.co.uk for more information.
[1] Opinion Matters for Iron Mountain, the study surveyed 1,257 office workers who work in either manufacturing & engineering, legal, financial, pharmaceutical or insurance firms in the UK, France, Germany, The Netherlands and Spain.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.