Civil servants think personal laptops raise security risks

Monday, 4 July 2011

A survey by Dods for global IT security and data protection firm Sophos has found that 68 per cent of UK civil servants think that there is a greater security risk when Government officers use personal laptops in the workplace, compared to using work laptops.

Some 80 per cent of respondents also think that there is a security risk of Government officers using personal smartphones in the workplace while 47 per cent believe that this risk is greater than using work smartphones for the same purposes.

The findings, which show that the increasing use of consumer technology for work purposes continues to be a growing security concern, came from a survey conducted by Dods for Sophos of 858 senior civil servants from across the UK Government.

"Public sector organisations need to address the use of consumer devices for work purposes on two fronts," said Ollie Hart, Sophos’s head of public sector business.

"Firstly, we have to consider that these devices are not designed for corporate use, and so the security settings may not be optimised for the work place. Secondly, when people are using their own devices for work, either in the office or remotely, it’s likely that they won’t consider the same security risks as they do when using work-provided equipment. Educating staff and IT teams on security principles, such as the importance of encrypting classified information, is essential, regardless of the type of device that they’re using."

Sophos has also recently conducted research into consumer attitudes towards the consumerisation of technology, with the findings reflecting a lack of security concern – 48 per cent of respondents said that they don’t consider security issues when using mobile technologies.

“People need to start applying the same security principles to their personal devices as they do to their work equipment, especially if they’re bringing smartphones and laptops into the work place,” continued Hart. “Even if people don’t see the ICO maximum fine as much of a deterrent – in the survey the maximum ICO fine of £500,000 was not seen to be enough of a deterrent by 41 per cent of civil servants – the reputational damage of a data breach can prove to be far more costly. All devices should have security features enabled, such as passcode protection and encryption, to reduce the potential attack surface, in case mobile devices are lost or stolen.”

Find Councils

LGE's complete guide to the UK's Councils.

Find councils by region or by type using the search boxes, or roll over the region on the map.