Employers are increasingly allowing employees to use their own devices for work. The increased convenience and flexibility this provides to employees and employers needs to be balanced against the risk of confidential information being compromised. If you allow your employees to use their own devices for work, do you know:
- what control you have over any data that is stored on a device that is lost or stolen?
- if other family members have access to the device? and
- what happens to data stored on the device when the employee leaves?
The International Working Group on Data Protection in Telecommunications has published a working paper examining the security and privacy risks associated with the use of personally owned devices. The key message from the report is that any organisation considering the use of personally owned devices should carry out a Privacy Impact Assessment to ensure adequate safeguards are in place.
The Information Commissioner's Office has also produced Bring Your Own Device
guidance.
It is worth having a look at both of these before allowing your employees to access confidential information from their own devices.
Petra Venton