Is BYOD Creating A GDPR Risk For Your Business?

• Content
• Smart Buildings & Technology
• Is BYOD Creating A GDPR Risk For Your Business?

25 May 2018

Does your Bring Your Own Device (BYOD) stance have the potential to create risks relating to data protection or breaches, as a result of staff using a single smartphone for both business and personal uses?

A survey, conducted by Censuswide for Thumbtel, has found that a quarter (25.3%) of senior managers and almost a third of directors (31.8%) use their personal phone for work purposes, while 37% of middle and senior managers use the same phone for both work and pleasure.

This leapt to 78% when the same question was asked to business owners.

In addition, a recent study found that only 54% of organisations in the UK have adopted formal BYOD policies even though 72% of organisations have embraced BYOD and Software as a Service application adoption.

Andy Munarriz of Thumbtel said: “If your employees elect not to use their company issued mobiles or you have a Bring Your Own device policy in place, it’s time to consider the implications of GDPR on your business.

"With over 14 million people in the UK said to use a second mobile phone for work purposes, many prefer to use one device rather than juggle between two different handsets and chargers and this has the potential to create a big headache for business owners as work and personal communications become intertwined, leaving businesses open to possible data risks or security breaches.”

Further findings in the Censuswide survey identify the issues business professionals are facing in managing business and personal communications: 73% of respondents said that they own just one mobile handset, which may create difficulties in splitting business and personal calls.

Two phones

More than half (55%) say they have answered a work call, believing it to be a personal call. While a quarter (25%) of respondents are juggling two or more phones, possibly in an attempt to manage work and home calls on separate devices.

Continued Munarriz: “If your employees use their own mobile phone for work, either formally with a BYOD policy in place or informally without the company’s knowledge, then you need to consider five key questions: do you have a clear BYOD policy in place that all employees are aware of? Can you make it easy for employees to follow your policy? How can they keep work and personal contacts and communications separate? How secure is customer data and communications on their device? And can you ensure that you retain or easily control, customer data if an employee leaves your business?

"These are important questions that company directors should not overlook – particularly with GDPR upon us and the penalties that may come as a result of non-compliance.”

Introducing another number for teams

The Another Number app from Thumbtel provides users with a second number for work on their existing mobile without the need for a second phone, contract or SIM meaning employees can keep work and personal communications separate, whilst the business retains control of the numbers and all associated data.

The business owns the number, so if an employee leaves, they will no longer have access to the number and importantly, the contacts.

Picture: Does staff using a single smartphone for both business and personal use create a GDPR risk for businesses?

Article written by Brian Shillibeer | Published 25 May 2018

Share

Related Articles