With digital devices coming into offices with nearly every employee and visitor, companies are leaving themselves at risk, according to the Information Commissioners Office. The Bring Your Own Device (BYOD) rules at many businesses blur the lines between personal and professional use. This can result in employee devices not meeting the Data Protection Act regulations.
The ICO report published this week warns that a business’ data controller – the staff member in charge of data protection — should be aware of the potential problems of BYOD workplaces, and take steps to prevent problems. When employees bring their own devices, the personal data of the owner can be at risk. When employees use these devices for work purposes, they may contain the personal data of the company and its customers.
Data controllers are encouraged to have a clear BYOD policy, including a social media policy, for their employees to follow. Both company and employee should take appropriate steps to ensure that personal data and other confidential information is being protected at a sufficient level.
The report offers a variety of tips and suggestions for employers and employees who have a BYOD culture in their company. It also underscores the importance of data control within companies, including Data Protection Act compliance.
Image from www.freedigitalphotos.net