A Freedom of Information request from managed Services provider Annodata has revealed that 42% of local authorities in England are yet to implement a ‘Bring Your Own Device’ (BYOD) policy.
According to Annodata, without an enforceable plan in place, these organisations may be leaving themselves exposed to the risk of data leakage, and lessening any benefits to be had from BYOD.
The FOI request was issued to 79 council districts from all regions in England. Annodata says that considering the strict guidelines on data security in the public sector, particularly when it comes to protecting confidential personal information, it’s vital to have a clear BYOD strategy in place before employees use their own devices to access an organisation’s data.
With the introduction of the General Data Protection Regulation (GDPR), controlling access to company data and from what devices will become even more important, and organisations will face serious legal and financial repercussions, with fines of up to 4% of total revenue.
Joe Doyle, marketing director at Annodata commented: ‘BYOD can bring clear benefits in the form of greater flexibility and increased productivity. However, any gains to be had from BYOD will be null and void if there is not a clear policy to accompany this. The risk of not giving BYOD appropriate consideration can result in companies being left exposed to an increased risk of data leakage, whilst also making it difficult to determine which devices are accessing which systems and data. Employees want to use their own devices and experience tells us that they will, with or without a standard. Having a BYOD policy grants organisations greater visibility and control over this.’
‘The public sector in particular needs to approach BYOD with due diligence and special emphasis needs to be placed on security when employees are using their own devices to access an organisation’s data. Despite this, our research highlights that a number of local authorities are yet to implement specific and enforceable measures.’
‘However, this is the ideal opportunity for council districts, and other public sector organisations, to revise their approach to existing IT polices and how data is managed. Doing so will minimise the risks associated with BYOD and will enable the real benefits, including increased productivity and efficiency, to be attained. Local authorities should look to work with the right provider who can conduct a thorough and comprehensive review of their current approach.’