Do your staff use personal devices at work?

The Information Commissioner’s Office (“ICO”) recently issued guidance urging employers to introduce a clear policy on staff using personal devices for work.

With over 60% of the UK now owning a smart phone, many employees are taking advantage of the flexibility of using their own devices to work from home, while travelling or at the office.

However, employers should beware of the risks caused by personal devices; from loss of sensitive business data, to the introduction of viruses into company networks. Implementing a policy on employees’ use of personal devices can minimise those risks.

Organisations should be wary of the risk of data being intercepted when using public cloud services and should review whether it is appropriate to use public cloud services at all. The ICO also said that organisations should consider whether device functions that enable data transfer functions should be disabled, such as Wi-Fi or Bluetooth. Staff should be issued with guidance on how to use Wi-Fi networks securely and should be made aware that some devices may automatically connect to open Wi-Fi networks as they are found by the device.

Last year, the ICO ordered organisations to pay over £2m in fines for breaches of Data Protection and Electronic Communications rules.

In one case, a local authority was fined £100,000 after inadequate procedures led to 39 pages of sensitive information being accidentally uploaded to the internet by an employee. The ICO has warned that organisations which fail to put in place adequate procedures to manage these risks could face fines of up to £500,000 in the event of a breach.

The ICO has made five recommendations for all employers:

  •     Ensure personal devices are secure;
  •     Ensure all data transfers are secure;
  •     Use software to retain control of a device after it has been lost or stolen;
  •     Have an ‘end of contract’ policy; and
  •     Have a clear Acceptable Use Policy.

It is therefore strongly advisable that your organisation has an “Acceptable Use” policy covering these situations. We would be happy to assist you with drafting a new policy or, revising your existing policies on social media, e-mail and use of company equipment to cover use of personal equipment.

If this is something you would like to find out more about, please contact Stewart Pettigrew of the Corporate Team on 0141 333 6750.

Another Success for Dallas McMillan in Securing Co...
Overhaul of guidance for working at height

By accepting you will be accessing a service provided by a third-party external to https://www.dallasmcmillan.co.uk/