In October, the Government's Communications Electronic Security Group published new guidance for employers who permit their employees to use their own laptops, smart phones and tablets for work, otherwise known as Bring Your Own Device ("BYOD").

According to the Information Commissioner's Office (ICO), 47% of UK adults now use their own personal devices for work purposes. A policy permitting the use of personal devices in this manner can have significant benefits for organisations, however such permitted use also carries risks including a lack of control for the employer, the risk of the device being lost or stolen and the security of the information stored on the personal device. Taking account of the new guidance should help employers to manage these and other associated risks effectively.

The new guidance promotes the following:

  • Implementing specific BYOD policies to ensure good practice. This approach is similar to the recommendations made previously by the ICO in 2013;
  • Employees should receive training about what the BYOD policy permits and good security practice;
  • Creating awareness of the responsibility that employees have to exercise good security measures (especially in terms of password protection) and the potential consequences of not doing so;
  • Considering what information can be accessed from employees' own devices and limiting device access to certain data and services;
  • Introducing increased device support and security controls to manage mobile device usage for business purposes;
  • Having plans in place to mitigate loss and risk if security incidents do occur. This may also include having action plans to wipe sensitive data if devices are lost or stolen from remote access points.

A full copy of the guidance is available here.

Although there may be some costs involved in implementing such measures, these costs must be weighed up against the potential financial and reputational risks that could result if breaches of Data Protection law occur. Consequences for serious breaches could result in fines of up to £500,000 being imposed by the ICO.

MacRoberts can help employers draft and implement bespoke BYOD and Data Protection policies and provide training for staff on them.

Did you know...?

MacRoberts on Scottish Construction Contracts – Third Edition will be published soon!

The book provides a guide to the general principles of Scottish law relevant to construction contracts and the main provisions of the standard forms of construction contract used in Scotland, including:

  • The obligations of employers and contractors
  • Certification
  • Payment
  • Ending a construction contract
  • Remedies
  • Subcontracts
  • Collateral warranties
  • Insurance
  • Dispute resolution
  • Regulatory matters

"I hoped it might be possible for this book... to be kept up to date... That indeed is what has happened and, as I welcome this third edition, I have not been disappointed" The RT Hon Lord Hope of Craighead

For more information, please click here or contact marketing@macroberts.com.

Please add at the end of every article:

© MacRoberts 2014

Disclaimer

The material contained in this article is of the nature of general comment only and does not give advice on any particular matter. Recipients should not act on the basis of the information in this e-update without taking appropriate professional advice upon their own particular circumstances.