Government acts on personal file sharing in the workplace
Over three quarters (80 per cent) of London Boroughs have implemented policies and procedures designed to prohibit the use of personal file sharing and sync solutions. This is according to research conducted through Freedom of Information (FOI) requests by M-Files Corporation, a provider of solutions that dramatically improve how businesses manage documents and other information.
Of the 22 London Boroughs that responded to the FOI request, 77 per cent claimed that they had implemented a range of policies designed specifically to prohibit the use of personal file sharing and sync solutions at work. Additionally, 40 per cent of those surveyed had in place training programmes for their employees on the use of both personal and council provided file sharing and sync applications.
Julian Cook, Director of UK Business, M-Files, stated:
“Bring-your-own-device (BYOD) policies and an increasingly mobile workforce are putting new pressures on IT and changing the requirements for how workers want (and need) to access data. In an effort to work as efficiently as possible, workers have been known to use their own personal file share and sync solutions at work. However, these activities fall outside of the control of IT and can expose organisations to potential security breaches and data loss. These results indicate that local UK authorities understand the security and legal risk involved when their employees use their personal file sharing apps at work, and they’ve taken proactive actions to protect themselves accordingly.”
“People rightly demand high standards from public services. At the heart of local government is the delivery of services to the local community, underpinned by the effective use and exchange of information both within councils and between councils and other services such as health and education. It is therefore crucial for the public to have confidence that any data they provide is treated with appropriate confidentiality and kept safe from any risk of misuse.”
With data loss never far from the news, protecting sensitive information is no longer the sole preserve of national security organisations – it has become a key concern for all levels of government and private enterprises.
A data breach can greatly impact local government organisations – whether its direct harm caused to an individual or organisation as a result of disclosed information, in monetary terms due to fines, loss of funding or negative publicity. As a result, it is no longer enough for local government organisations to treat data security as an add-on. Instead they must actively implement measures to protect both their staff and the information assets they hold.
In recent years a number of high profile losses of personal data such as that from Her Majesties Revenue and Customs (HMRC) have led public bodies to act to bolster public trust and confidence in the way personal information is handled and kept safe.
In the UK, the Data Protection Act 1998 requires controllers of personal data to keep information safe through the use of “appropriate technical and organisational measures.” If a serious breach of security occurs the information commissioner, who is the statutory regulator, is likely to take action. This may take the form of penalties of up to £500,000. Over the past five years a number of local authorities including Hounslow and Ealing in London have faced fines ranging from £70,000 to £120,000 for data breaches.
Julian Cook continued:
“These findings indicate clearly that local government is taking the issue of data protection seriously. But simply prohibiting the use of personal file share and sync apps at work is not the only answer. Modern information workers require solutions that enable them to do their work as efficiently as possible. But without a formal policy on the sharing of files, employees are left with no clear direction or structure on securing and controlling content. But policies alone are not the only answer. Educating employees on the dangers of unauthorised systems and applications is also vital in helping to local councils drive out the potential risk they face when it comes to data protection.”