Homes and other remote locations (e.g. cafes; public spaces; public transport) are less secure and less disciplined environments than offices from which to access and process personal or confidential data. Given the significant shift to working from home, Mike Griffin, one of our data consultants, and Bernice Rook, give some advice about how to manage data protection when remote working.
There follows a number of common-sense guidelines which should help you remain compliant with data protection legislation and reduce the potential for a data breach. A data breach being defined as: “A security incident in which sensitive, protected or confidential data is copied, transmitted, viewed, stolen, lost, accidentally or intentionally destroyed or amended, or used by an individual unauthorised to do so”.
Some useful tips include:
- Avoid working in an area frequented by family, friends or other visitors
- If there are other people in close proximity, position your device screen so it cannot be seen by them
- If you leave your device unattended in the home initiate the screensaver, and/or exit the file you’re accessing, and/or lock the screen
- If in a public space (e.g. café; public transport) do not leave your device unattended at any time
- Do not share your system login/password with anyone for any reason
- Do not allow family or friends to use your device if you’ve been accessing company systems
- Do not download any company data or information to your device
- Do not use public Wi-Fi to access company systems
- Do not upload any software to company systems
- Ensure all portable devices are password protected
- If your device is lost, stolen or misplaced, advise IT immediately
- Do not leave your device in a car
- If any telephone discussion involves the exchange of personal data, make sure you cannot be overheard
- Do not print any document containing personal data unless it is absolutely necessary, and make sure the document is destroyed when no longer needed
- Observe a “clean desk” policy – do not leave documents containing personal or confidential information lying around
If you require further advice or guidance, contact Bernice Rook at email@example.com.