BYOD Threats Concern British Privacy Regulator - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Mobile
News
3/8/2013
01:15 PM
50%
50%

BYOD Threats Concern British Privacy Regulator

Information Commissioner points to risks from employee-owned devices, releases guide to help businesses avoid data breaches, fines.

MWC 2013: Five Best Gadgets (Samsung Galaxy Note 8.0)
MWC 2013: Five Best Gadgets
(click image for slideshow)
The bring-your-own-device (BYOD) movement poses significant threats to data security and privacy, said the U.K.'s Information Commissioner's Office (ICO) at its annual conference in Manchester last week. The ICO is the government body set up to police data privacy and levy hefty fines on organizations it deems have too lax control over personal data.

The organization said its basis for raising such concerns is a study it recently conducted about BYOD attitudes among the British public. The ICO upholds information rights in the public interest, promoting openness by public bodies and data privacy for individuals, as set out in the U.K.'s Data Protection Act 1998, the Freedom of Information Act 2000, Environmental Information Regulations 2004 and Privacy and Electronic Communications Regulations 2003.

The ICO study's study found many employers appear to have a way-casual (in its phrase, laissez faire) attitude about allowing staff to use their personal laptops, tablet computers or smartphones for work. It warns that may be "placing people's personal information at risk" – and it doesn't like it.

[ What's the most dangerous smartphone? See Malware Writers Prefer Android. ]

The online survey, carried out by well-known U.K. consumer attitude pollsters YouGov, polled 2,151 British adults from Feb. 27 through March 1, 2013.

They found that 47% of all U.K. adults now use their personal smartphone, laptop or tablet computer for work purposes.

That would be fine, except fewer than three in 10 get guidance from their bosses on how to use BYOD, said the Information Commissioner. It said that raises "worrying concerns" that people may not understand how to look after the personal information accessed and stored on these devices.

"Employers must have adequate controls in place to make sure this information is kept secure," warned Simon Rice, the ICO's group manager for technology.

Rice also said many businesses aren't properly calculating the cost of introducing these controls -- which can range from being "relatively modest" to "quite significant." As a result, he is concerned any expected advantage from BYOD may not actually be delivered.

"Certainly," he said, "the sum will pale into insignificance when you consider the reputational damage caused by a serious data breach."

He should know: the ICO just fined a public sector nursing and midwifery organization £130,000 ($224,000) for losing three DVDs related to a nurse's misconduct hearing.

To help address these BYOD gaps, ICO has published a free guide to help CIOs address some of the main issues around properly protecting customer, patient or personal data in a BYOD context.

The guidance comes in the context of what -- echoing that ancient Chinese curse -- the Information Commissioner, Christopher Graham, calls "interesting times".

Speaking to some 800 data compliance officers at the conference, Graham said the ICO's annual conference fell at "a decisive moment for the data protection sector."

Graham's reference is to ongoing changes in European data legislation and the U.K's own struggle to find new ways of protecting privacy and free speech in an age of press intrusions and Twitter.

Still, for Graham, "Our central purpose remains unchanged: upholding information rights in the public interest, promoting openness by public bodies and data privacy for individuals."

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

Slideshows
IT Leadership: 10 Ways to Unleash Enterprise Innovation
Lisa Morgan, Freelance Writer,  6/8/2021
Commentary
Preparing for the Upcoming Quantum Computing Revolution
John Edwards, Technology Journalist & Author,  6/3/2021
News
How SolarWinds Changed Cybersecurity Leadership's Priorities
Jessica Davis, Senior Editor, Enterprise Apps,  5/26/2021
White Papers
Register for InformationWeek Newsletters
2021 State of ITOps and SecOps Report
2021 State of ITOps and SecOps Report
This new report from InformationWeek explores what we've learned over the past year, critical trends around ITOps and SecOps, and where leaders are focusing their time and efforts to support a growing digital economy. Download it today!
Video
Current Issue
Planning Your Digital Transformation Roadmap
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
Slideshows
Flash Poll