The Leading News & Information Service For The Facilities, Workplace & Built Environment Community

Is BYOD Creating A GDPR Risk For Your Business?

Smartphone
25 May 2018
 

Does your Bring Your Own Device (BYOD) stance have the potential to create risks relating to data protection or breaches, as a result of staff using a single smartphone for both business and personal uses?

A survey, conducted by Censuswide for Thumbtel, has found that a quarter (25.3%) of senior managers and almost a third of directors (31.8%) use their personal phone for work purposes, while 37% of middle and senior managers use the same phone for both work and pleasure.

This leapt to 78% when the same question was asked to business owners.

In addition, a recent study found that only 54% of organisations in the UK have adopted formal BYOD policies even though 72% of organisations have embraced BYOD and Software as a Service application adoption.

Andy Munarriz of Thumbtel said: “If your employees elect not to use their company issued mobiles or you have a Bring Your Own device policy in place, it’s time to consider the implications of GDPR on your business.

"With over 14 million people in the UK said to use a second mobile phone for work purposes, many prefer to use one device rather than juggle between two different handsets and chargers and this has the potential to create a big headache for business owners as work and personal communications become intertwined, leaving businesses open to possible data risks or security breaches.”

Further findings in the Censuswide survey identify the issues business professionals are facing in managing business and personal communications: 73% of respondents said that they own just one mobile handset, which may create difficulties in splitting business and personal calls.

 

Two phones

More than half (55%) say they have answered a work call, believing it to be a personal call. While a quarter (25%) of respondents are juggling two or more phones, possibly in an attempt to manage work and home calls on separate devices.

Continued Munarriz: “If your employees use their own mobile phone for work, either formally with a BYOD policy in place or informally without the company’s knowledge, then you need to consider five key questions: do you have a clear BYOD policy in place that all employees are aware of? Can you make it easy for employees to follow your policy? How can they keep work and personal contacts and communications separate? How secure is customer data and communications on their device? And can you ensure that you retain or easily control, customer data if an employee leaves your business?

"These are important questions that company directors should not overlook – particularly with GDPR upon us and the penalties that may come as a result of non-compliance.”

 

Introducing another number for teams

The Another Number app from Thumbtel provides users with a second number for work on their existing mobile without the need for a second phone, contract or SIM meaning employees can keep work and personal communications separate, whilst the business retains control of the numbers and all associated data.

The business owns the number, so if an employee leaves, they will no longer have access to the number and importantly, the contacts.

Picture: Does staff using a single smartphone for both business and personal use create a GDPR risk for businesses?

 

Article written by Brian Shillibeer | Published 25 May 2018

Share



Related Articles

Gangsters' Paradise Leads To Jail Terms For Business Phishing Scam

Gangsters who altered business emails to rip-off more than £1 million have gone to jail. Two members of the Nigerian organised crime group who committed the fraud...

 Read Full Article
Crown Prosecutions Service Prosecuted - And Other GDPR-type Convictions

You could hardly make it up but the Crown Prosecutions Service has been fined after losing victim interview videos - PLUS a variety of convictions including a...

 Read Full Article
GDPR - No Confidence In Compliance. Mobile Workers Are Biggest Hazard

Most companies are not confident of being fully compliant ahead of the GDPR deadline with the biggest fear being the loss of data on laptops and other mobile...

 Read Full Article
Two Million Fleet Drivers To Revalidate Driving Licence Data Consent

There are over two million drivers who will have to revalidate their driving licence data consent, writes Malcolm Maycock, Chair of the ADLV. Whilst this is a mammoth...

 Read Full Article
Raising The Bar – Consent Under The GDPR

Straight from the horse's mouth, Steve Wood, Deputy Information Commissioner, writes for ThisWeekinFM on the topic of 'consent', how to get it and what to do...

 Read Full Article
Denial Of Service Costs Escalate

A DNS Threat Report has revealed the cost per attack has increased by 57% to $715,000 for organisations globally. EfficientIP, a specialist in DNS security to ensure...

 Read Full Article
Are You Ready For Business Change?

Andrew Carwardine offers 7 Steps to Change & Put Process Back On The Agenda. Thanks to GDPR, processes are back on the agenda but why the wait? Shouldn't we...

 Read Full Article
Human Error Could Cost UK Businesses Up To €20 Million

Over three-quarters of British businesses say that a proportion of inbound mail and communications is incorrectly allocated due to physical handling, creating an...

 Read Full Article
World Education Not Taking Cyber Threat Cost Seriously

The 2019 Global DNS Threat Report has revealed the education sector is one of the most heavily targeted industries for cyber attacks - and yet invests very little to stop...

 Read Full Article
Most Organisations’ Biggest Security Concern Is Users

What Keeps You Up at Night – The 2019 Report looks at over 350 global organisations' security concerns and reveals people are the biggest perceived...

 Read Full Article