The Information Commissionerโs Office (ICO) is advising that organisations should have a clear personal device at work policy.
A recent survey showed that 60% of the UK population now own a smart phone and 20% a tablet and an increasing number want to use their personal devices at work. Known as โbring your own deviceโ the ICO state that the benefits include increased efficiency, flexibility and employee morale but the practice also carries a number of risks which organisations must consider when allowing employeesโ devices to be used to process work-related personal information.
Simon Rice, Group Manager (Technology), said:
โAs the line between our personal and working lives becomes increasingly blurred it is critical employers have a clear policy about personal devices being used at work.โ
โThe benefits must be balanced against the potential risks to work-related personal data but the organisation should not underestimate the level of effort which may be required to ensure that the processing of personal data with BYOD remains compliant with all 8 Principles of the Data Protection Act. Remember, it is the employer who is held liable for any breaches under the DPA.โ
The ICOโs key โbring your own deviceโ recommendations are:
- ensure devices are secure
- ensure data transfers are secure
- retain control
- have an โend of contractโ policy
- have a clear โacceptable use policyโ
