Human error still accounts for many data leaks.
Independent IT security consultant Kevin Wharram noted that the danger lies in employees clicking on links and exposing themselves and their company to cyber attacks.
"Your users probably get a lot of phishing attempts – emails stating ‘this is from PayPal, this is from a bank’, et cetera, or even someone in Facebook saying ‘check out this link’ – people just click links because there’s no understanding," he explained.
"You have to understand what data is where, who has access to that data and what data you are holding."
He advised firms to classify the data they have and put controls in place to prevent it being lost or stolen.
"So say you’re an SME (small to medium-sized enterprise) and you hold personal data, you can either put data controls in your environment now or you can outsource it to the cloud. But if you outsource to the cloud, make sure you do due diligence – you’ve got data encrypted and other controls like that."
Mr Wharram’s comments came after the Acronis Global Disaster Recovery Index 2012 found businesses in the UK have more confidence in their secure online backup strategies now than in 2010.
The research also found two-thirds (65 per cent) of firms are going over their backup and disaster recovery plans frequently.
However, 40 per cent of companies believe their executives are not fully in favour of their data protection plans, while whenever a business suffers a system going down, they lose 2.4 days worth of work.
The analysis flagged up the fact that data growth continues to increase, with the average UK company producing almost 38 terabytes a year.