In June 2021, classified UK defence documents were found by a member of the public at a bus stop in Kent. They related to military strategy and the movement of warships. Yet again, it highlighted the importance of information security on the move and in public places. But it is from an isolated incident, showing that lessons have not been learned.
When the hand-written notes of an aide in respect of Brexit were photographed in Downing Street in 2016, saying "have cake and eat it". You'd think this would be a salutary lesson for government officials. However, in 2020 another confidential document, this time for "permanent equivalence" was picked up by the long lenses of journalists.
It's tempting to keep working as you travel on public transport, but what are the implications? How should you balance the competing demands for productivity with confidentiality and security?
Data protection tips for outside of the office
1. Avoid using unsecured WiFi hotspots
If you are accessing company networks or sensitive corporate data avoid wifi in cafés, trains, hotel foyers or other public places even if it asks you to sign up and login. If it says it's not a secure network, then it isn't one...
2. Look over both shoulders first
Before you take a work-related call on your mobile make sure you check over both shoulders before discussing anything confidential. And if you need to, explain to callers that you're in a public place and arrange to call them back later.
3. Limit the amount of data you take offsite
Only take necessary files and data with you when you travel; encrypt and password-protect all data first, and ensure that it's returned or deleted after use. Don't carry it around on flash or portable drives!
4. Shield your screen
Working on a laptop when you're on the move can certainly make you more productive, but make sure that you're not sharing corporate information with everyone else in the carriage or café too. Where possible position yourself with a wall behind you. Never sit with your back to a window!
5. Take precautions with physical documents
As every visitor to Downing Street can testify, avoid carrying loose documents; always transport paperwork and corporate information in an opaque envelope or folder to protect it from inquisitive passers-by. And if you use a printer or photocopier, make sure you collect your documents promptly.
6. Don't cover up data losses or breaches
If you make a mistake, tell your manager or IT immediately so that they can act quickly to limit company losses and inform all those affected. Remember that there may be legal repercussions (e.g. data protection and market abuse).
Want to learn more about Information Security?
If you'd like to stay up to date with information security best practices, industry insights and key trends across regulatory compliance, digital learning, EdTech and RegTech news subscribe to Skillcast Compliance Bulletin.
To help you navigate the compliance landscape we have collated searchable glossaries of key terms and definitions across complex topics including GDPR, Equality, Financial Crime and SMCR. We also regularly report key learnings from recent GDPR fines.
You can follow our ongoing YouGov research into compliance issues, attitudes and risk perceptions in the UK workplace through our Compliance Insights blogs.
And if you're looking for a compliance training solution, why not visit our Compliance Essentials Course Library.
Last but not least, we have 70+ free compliance training aids, including assessments, best practice guides, checklists, desk-aids, eBooks, games, handouts, posters, training presentations and even e-learning modules!
If you've any questions or concerns about compliance or e-learning, please get in touch.
We are happy to help!