BRING YOUR OWN DEVICE
|
|
- Lynne Howard
- 8 years ago
- Views:
Transcription
1 BRING YOUR OWN DEVICE TEN GOOD PRACTICES FOR EMPLOYERS AND THEIR DATA Managing Risk Maximising Opportunity
2 TEN GOOD PRACTICES FOR EMPLOYERS AND THEIR DATA The concept of employees using their own personal devices for work is gaining traction in many organizations. But whilst organizations can make savings in hardware purchasing costs from allowing their staff to work from personal devices, are they leaving themselves open to potentially far more damaging issues both for their bottom line and their reputation? In this article, we assess the implications of the Bring Your Own Device (BYOD) trend and offer ten steps for best practice data management. In Asia, it is becoming common practice within many organizations for employees to use their personal devices for work even when they are in the office. This presents significant challenges for those responsible for managing company data, with vast swathes of information effectively off the radar. Global privacy laws vary greatly, but in many jurisdictions it can be difficult, if not impossible, to collect vital information from privately-owned laptops or smart phones without having a court order mandating it. Companies can be at significant risk if their employees use personal laptops, tablets or smart phones at work. Should they need to investigate possible wrongdoing or defend themselves against civil or criminal actions often at short notice in a crisis situation - they could be at a serious disadvantage because they cannot easily examine relevant data on their employees personal devices. Such predicaments can be expensive if not dangerous. Rather than proceeding reactively, it is wise to have policies and plans regarding personal electronic devices in place long before they are needed. The easiest solution is to provide electronic devices to employees to be used for all work-related matters, clearly communicating that the company has the right to retrieve data from them. It might be cheaper to have employees bring their own devices, but you are giving away a lot of control. The following ten steps can help employers handle complicated issues regarding personal devices in the workplace: 1. Create a map of data flows Is your data shared or on a server? Is it in laptops or desktops? Is it on a C-Drive or in clouds? Mapping corporate data flows gives a snapshot of data and communications streams. It helps to understand where data and messages originate, how much comes from personal or company-owned devices, what servers are involved and where they are located. If s can be trapped on a company-owned server, reviewing them will be easier. This may not be the case if the company uses off-site cloud computing to handle data and message traffic. Cultural practices can be problematic and must be addressed. In China and South Korea, for instance, people routinely use both company and personal s for work-related purposes, blurring the line between what is personal and what is business. This is an issue Control Risks ediscovery team has encountered numerous times when supporting clients with their investigations. 2. Create a company-wide data classification system The sensitivity of a company s internal information can differ tremendously. Some material may be innocuous, but some could negatively impact a company if released. Executives must consider each type of data and its level of importance. 1
3 Highly sensitive information such as new product specifications or salary levels cannot be handled in the same manner as publicly available information. The solution is for the company to assess and define levels of sensitivity, educate employees about classifying data according to sensitivity, and restrict access accordingly. 3. Review privacy rules on employee use of personal devices Company officials trying to reconcile the use of electronic devices need to establish early on what is allowed and what is not, keeping abreast of how applicable laws may be evolving. In Latin America, privacy laws increasingly favor individual over corporate rights, especially in countries such as Argentina and Chile that have strong cultural ties to Europe, known for its strong privacy laws. Countries such as Brazil float in the middle with no strong data privacy law. Companies have to make it clear that employees must use company phones or computers when conducting daily operations. They also must be clear that the company has the right to monitor all messages and data involved with the company-owned devices. The statements must be worded in such a way that they can withstand court review if an employer and employee end up in a lawsuit or criminal proceeding. If a company allows workers to use their own smart phones for work-related purposes, they can require them to sign agreements allowing the company to scan the phones for corporate information. 4. Provide company-owned devices if practical Providing employees with company-owned devices may be expensive, but this simple solution solves many problems. It eliminates an employee s excuse of needing to use personal devices to conduct company business, and gives the company the right to inspect and retrieve data. It also makes it easier for a company to maintain control during investigations without necessarily tipping its hand if it suspects that an employee is involved in something inappropriate. 5. Compile a list of vendors who can retrieve data Situations requiring internal investigations typically arise without warning. Many companies are unprepared to deal with suspicions of bribery, fraud or embezzlement. One way for an organization to ensure that it is prepared for such an investigation is to have a list of pre-qualified vendors who can be called upon to help retrieve and analyze employees electronic data and communications. Having a list of vendors can save a company time and money and help it to avoid making mistakes when emotions might run high. Companies should keep in mind though, that vendors employees may also use their own laptops or smart phones. A vendor s methods of storing critically-important data may be unknown to the hiring firm or even outside of its control. The company can protect itself by having vendors sign agreements that their devices can be scanned for company information. 6. Inform employees of probes if possible Even if an employee uses a company-owned device, he or she still has rights to privacy. Unless extenuating circumstances prevent it (such as the need for secrecy in the early stages of a probe), notifying the employee that the company wants to review their electronic device is usually advisable. How this is handled depends on local privacy laws. In some cases, a company may need to identify truly personal material on the company-owned device, such as family photographs or personal bank accounts. Failure to do so can have legal repercussions. 2
4 7. Have notaries present during data retrieval If an employee s company-owned device is being examined and its data is being copied, a notary or other independent official with legal power should be present to witness the process if data privacy laws in the jurisdiction call for it. If incriminating files or messages are found, an employee could claim to not know where the data came from. The presence of a notary, or local equivalent, could help prevent charges that the company planted incriminating evidence in the equipment used by the employee. 8. Consider covert collection when appropriate Investigations can involve extremely sensitive matters and sometimes the existence of the probe must not be revealed to an employee. In cases involving company-owned electronic devices, the company can quietly take control of a device, retrieve the data contents and examine them once the device is back in the employee s possession. However, such covert data collection should only be pursued after consultation with counsel, as it may violate local data privacy laws. 9. Instruct employees on the proper use of social media Facebook, Twitter and other forms of social media are making it increasingly easy for employees to communicate company-related content outside of company control. Whilst social media can be used successfully as a marketing tool, it can be detrimental if an employee uses it to express opinions or publicize information that is harmful to the company. Some company systems limit access to such sites from corporate domains, but a personal device outflanks such filters. Companies should educate all employees about the potential hazards of social media, through corporate guidance and formal training. 10. Copy data when an employee leaves his job Companies routinely keep copies of corporate documents for specific periods of time in case they are needed for tax or legal matters. Keeping copies of files stored on a company-owned device after an employee leaves their job can be a necessary safeguard. Such data, notably messages, can help the company protect itself should the employee violate secrecy agreements regarding proprietary information or non-competition pacts. Companies should devote serious consideration to how long the files should be kept. Even if a company plans well and creates clear and workable policies involving personal devices, it may confront other problems over which it has little control. Ultimately, the best approach is to proactively create formal plans and policies on using personal devices at the workplace. Doing so before an investigation is needed can spare companies from considerable frustration and expense. Control Risks is an independent, global risk consultancy specialising in helping organisations manage political, integrity and security risks in complex and hostile environments. We support clients by providing strategic consultancy, expert analysis and in-depth investigations, handling sensitive political issues and providing practical on-the-ground protection and support. Our unique combination of services, geographical reach and the trust our clients place in us ensure we can help them to effectively solve their problems and realise new opportunities across the world. Learn more at 3
5 Published by Control Risks Group Limited ( the Company ), Cottons Centre, Cottons Lane, London SE1 2QG. The Company endeavours to ensure the accuracy of all information supplied. Advice and opinions given represent the best judgement of the Company, but subject to Section 2 (1) Unfair Contract Terms Act 1977, the Company shall in no case be liable for any claims, or special, incidental or consequential damages, whether caused by the Company s negligence (or that of any member of its staff) or in any other way. Copyright: Control Risks Group Limited All rights reserved. Reproduction in whole or in part prohibited without the prior consent of the Company. Control Risks offices abudhabi@controlrisks.com alkhobar@controlrisks.com algiers@controlrisks.com amsterdam@controlrisks.com baghdad@controlrisks.com basra@controlrisks.com beijing@controlrisks.com berlin@controlrisks.com bogota@controlrisks.com copenhagen@controlrisks.com delhi@controlrisks.com dubai@controlrisks.com erbil@controlrisks.com hongkong@controlrisks.com houston@controlrisks.com islamabad@controlrisks.com jakarta@controlrisks.com johannesburg@controlrisks.com lagos@controlrisks.com london@controlrisks.com losangeles@controlrisks.com mexicocity@controlrisks.com moscow@controlrisks.com mumbai@controlrisks.com nairobi@controlrisks.com newyork@controlrisks.com panamacity@controlrisks.com paris@controlrisks.com portharcourt@controlrisks.com saopaulo@controlrisks.com seoul@controlrisks.com shanghai@controlrisks.com singapore@controlrisks.com sydney@controlrisks.com tokyo@controlrisks.com washington@controlrisks.com
BUILDING DATA CENTERS: UNDERSTANDING THE RISKS. Managing Risk Maximising Opportunity. www.controlrisks.com
BUILDING DATA CENTERS: UNDERSTANDING THE RISKS Managing Risk Maximising Opportunity www.controlrisks.com Building Data Centers: UNDERSTANDING THE RISKS The world is inundated in new information. Ninety
More informationVIOLENCE IN THE WORKPLACE
VIOLENCE IN THE WORKPLACE A KEY BUSINESS CONTINUITY RISK Managing Risk Maximising Opportunity www.controlrisks.com Violence in the Workplace A Key Business Continuity Risk John Lane and Rebecca Scorzato
More informationDIOCESE OF DALLAS. Computer Internet Policy
DIOCESE OF DALLAS Computer Internet Policy October 2012 Page 1 ROMAN CATHOLIC DIOCESE OF DALLAS COMPUTER SYSTEMS AND INTERNET USE POLICY Summary Definitions: 1. The term Communication(s) Assets as used
More informationPlease read these Terms and Conditions of Use carefully. They govern the provision and use of the MyPAYE Online Payroll service and website.
Terms and Conditions of Use Your online payroll is run via for MyPAYE Online Payroll Service Please read these Terms and Conditions of Use carefully. They govern the provision and use of the MyPAYE Online
More informationINTERNET, EMAIL AND COMPUTER USE POLICY.
INTERNET, EMAIL AND COMPUTER USE POLICY. CONSIDERATIONS Code of Conduct Discipline and termination policy Privacy Policy Sexual Harassment policy Workplace Health & Safety Policy LEGISLATION Copyright
More informationAcceptable Use of Information Systems Standard. Guidance for all staff
Acceptable Use of Information Systems Standard Guidance for all staff 2 Equipment security and passwords You are responsible for the security of the equipment allocated to, or used by you, and must not
More informationICT POLICY AND PROCEDURE
ICT POLICY AND PROCEDURE POLICY STATEMENT St Michael s College regards the integrity of its computer resources, including hardware, databases and software, as central to the needs and success of our day-to-day
More informationregion16.net Acceptable Use Policy ( AUP )
region16.net Acceptable Use Policy ( AUP ) Introduction By using service(s) provided by region16.net (including, but not necessarily limited to, Internet Services and videoconferencing), you agree to comply
More informationATTENTION: This legal notice applies to the entire contents of this website under the domain name
Terms and Conditions ATTENTION: This legal notice applies to the entire contents of this website under the domain name www.pentasia.com ("the Website") and to any correspondence by e-mail between us and
More informationThe term Broadway Pet Stores refers we to the owner of the website whose registered office is 6-8 Muswell Hill Broadway, London, N10 3RT.
Website - Terms and Conditions Welcome to our website. If you continue to browse and use this website you are agreeing to comply with and be bound by the following terms and conditions of use, which together
More information"choose your own device" : the employer still provides the hardware and the employee can choose e.g. the model.
WHAT IS BYOD? BYOD comes in "different shades of grey". "bring your own device" : employees are allowed to use their privately owned hard- and software. IT-applications and company data of the employer
More informationMEMORANDUM INFORMATION TECHNOLOGY SERVICES DEPARTMENT
MEMORANDUM INFORMATION TECHNOLOGY SERVICES DEPARTMENT TO: John Phillips, City Manager Number: 04-020 SUBJECT: Computer Network, Internet and E-Mail Access Policy Date: 9/903 Attached is copy of the Information
More informationGENOA, a QOL HEALTHCARE COMPANY WEBSITE TERMS OF USE
GENOA, a QOL HEALTHCARE COMPANY WEBSITE TERMS OF USE IF YOU HAVE A MEDICAL EMERGENCY, YOU ARE INSTRUCTED IMMEDIATELY TO CALL EMERGENCY PERSONNEL (911). DO NOT RELY ON THIS WEBSITE OR THE INFORMATION PROVIDED
More informationPerformance 2015: Global Stock Markets
Performance 21: Global Stock Markets November 12, 21 Dr. Edward Yardeni 16-972-7683 eyardeni@ Mali Quintana 48-664-1333 aquintana@ Please visit our sites at www. blog. thinking outside the box Table Of
More informationPerformance 2013: Global Stock Markets
Performance 213: Global Stock Markets January 4, 214 Dr. Edward Yardeni 16-972-7683 eyardeni@ Mali Quintana 48-664-1333 aquintana@ Please visit our sites at www. blog. thinking outside the box Table Of
More informationIM&T POLICY & PROCEDURE (IM&TPP 01) Anti-Virus Policy. Notification of Policy Release: Distribution by Communication Managers
IM&T POLICY & PROCEDURE (IM&TPP 01) Anti-Virus Policy DOCUMENT INFORMATION Author: Vince Weldon Associate Director of IM&T Approval: Executive This document replaces: IM&T Policy No. 1 Anti Virus Version
More informationHUMAN RESOURCE COMPLIANCE AUDIT Why is it so critical to complete?
HUMAN RESOURCE COMPLIANCE AUDIT Why is it so critical to complete? Lisa B. Bell, M. Ed. Veterinary Business Advisors, Inc. www.veterinarybusinessadvisors.com What is a Human Resource Compliance Audit?
More informationSONOMA CHARTER SCHOOL STUDENT USE OF TECHNOLOGY POLICY
SONOMA CHARTER SCHOOL STUDENT USE OF TECHNOLOGY POLICY Date Approved: 4/16/2015 New technologies are modifying the way in which information may be accessed, communicated and transferred. Those changes
More informationROHIT GROUP OF COMPANIES PRIVACY POLICY This privacy policy is subject to change without notice. It was last updated on July 23, 2014.
ROHIT GROUP OF COMPANIES PRIVACY POLICY This privacy policy is subject to change without notice. It was last updated on July 23, 2014. The Rohit Group of Companies ( Rohit Group, Company, our, we ) understands
More informationMISSISSIPPI DEPARTMENT OF HEALTH COMPUTER NETWORK AND INTERNET ACCESS POLICY
MEMORANDUM TO: FROM: RE: Employee Human Resources MISSISSIPPI DEPARTMENT OF HEALTH COMPUTER NETWORK AND INTERNET ACCESS POLICY Please find attached the above referenced policy that is being issued to each
More informationTERMS OF USE 1 DEFINITIONS
1 DEFINITIONS In these Terms of Use a) CDA shall mean Common Data Access Limited, a company registered in England and Wales whose registered office is at 6th Floor East, Portland House, Bressenden Place,
More informationSmart Policies for Workplace Technologies Email, Blogs, Cell Phones & More
Smart Policies for Workplace Technologies Email, Blogs, Cell Phones & More By Lisa Guerin, J.D. Nolo, 2011, ISBN:1-4133-1326-0 Price $26.95, pp. 225 pages Reviewed by Nina T. Dow Journal of High Technology
More informationEthics Opinion 000210
Ethics Opinion 000210 FACTS: Attorney B successfully represented to conclusion a sophisticated client in a criminal matter, but was paid only a small portion of the substantial bill incurred. Following
More informationTerms & Conditions. In this section you can find: - Website usage terms and conditions 1, 2, 3. - Website disclaimer
1 Terms & Conditions In this section you can find: - Website usage terms and conditions 1, 2, 3 - Website disclaimer -Acceptable internet use policy 1,2,3,4 - Acceptable email use policy 1, 2 - Copyright
More informationWHAT IS A COMPLIANCE PLAN
Code of Conduct WHAT IS A COMPLIANCE PLAN AND CODE OF CONDUCT? The Compliance Plan and Code of Conduct are formal statements of EPIC s standards and rules of ethical business conduct. We need a Compliance
More informationAB 1149 Compliance: Data Security Best Practices
AB 1149 Compliance: Data Security Best Practices 1 Table of Contents Executive Summary & Overview 3 Data Security Best Practices 4 About Aurora 10 2 Executive Summary & Overview: AB 1149 is a new California
More informationAll copyright, trade mark, design rights, patent and other intellectual property rights (registered or unregistered) in the Content belongs to us.
LEO Pharma Terms of use We/ Us/ Our You/Your Website Content LEO Laboratories Limited a company registered in the United kingdom under number 662129) known as LEO Pharma (LEO Pharma) and companies affiliated
More informationGENOA, a QoL HEALTHCARE COMPANY GENOA ONLINE SYSTEM TERMS OF USE
GENOA, a QoL HEALTHCARE COMPANY GENOA ONLINE SYSTEM TERMS OF USE By using the Genoa Online system (the System ), you acknowledge and accept the following terms of use: This document details the terms of
More information4 Steps to Effective Mobile Application Security
Mobile Application Security Whitepaper 4 Steps to Effective Mobile Application Security Table of Contents Executive Summary 3 Mobile Security Risks in Enterprise Environments 4 The Shortcomings of Traditional
More informationRadix Technologies China establishes compelling cloud services using CA AppLogic
CUSTOMER SUCCESS STORY Radix Technologies China establishes compelling cloud services using CA AppLogic CUSTOMER PROFILE Industry: IT services Company: Radix Technologies China Employees: 25 BUSINESS Radix
More informationPerformance 2016: Global Stock Markets
Performance 216: Global Stock Markets July 22, 216 Dr. Edward Yardeni 16-972-7683 eyardeni@ Mali Quintana 48-664-1333 aquintana@ Please visit our sites at www. blog. thinking outside the box Table Of Contents
More informationWhat are cookies and how does Glendale Career College use them?
Privacy Policy Glendale Career College is committed to safeguarding your privacy online. Please read the following policy to understand how your personal information will be treated as you make full use
More informationCity of Grand Rapids ADMINISTRATIVE POLICY
City of Grand Rapids ADMINISTRATIVE POLICY NUMBER: 84-02 DATE: 7/23/84 REVISIONS: 6/17/88; 11/7/00 (replaces old #84-02, #95-07, & #95-08); 6/13/08; 11/26/13 ISSUED BY: City Manager SIGNED: SUBJECT: ELECTRONIC
More informationTools for workplace monitoring - The all-seeing eye of the boss Legal newsletter
Tools for workplace monitoring - The all-seeing eye of the boss Legal newsletter 18 June 2014 Tools for workplace monitoring - The all-seeing eye of the boss Deloitte Legal Szarvas, Erdős and Partners
More informationCODE OF ETHICS AND BUSINESS CONDUCT
CODE OF ETHICS AND BUSINESS CONDUCT Date of Issue: 22 January 2015 Version number: 2 LUXFER HOLDINGS PLC Code of Ethics and Business Conduct Luxfer Holdings PLC is committed to conducting its business
More information~CEIVEcJ FEB 2 4 2014
February 21, 2014 Hon. Kamala D. Harris Attorney General 13 00 I Street, 1 ih Floor Sacramento, California 95814 Attention: Ms. Ashley Johansson Initiative Coordinator ~CEIVEcJ FEB 2 4 2014 INITIATIVE
More informationTable of Contents. Acknowledgement
OPA Communications and Member Services Committee February 2015 Table of Contents Preamble... 3 General Information... 3 Risks of Using Email... 4 Use of Smartphones and Other Mobile Devices... 5 Guidelines...
More informationService Description: Dell Backup and Recovery Cloud Storage
Service Description: Dell Backup and Recovery Cloud Storage Service Providers: Dell Marketing L.P. ( Dell ), One Dell Way, Round Rock, Texas 78682, and it s worldwide subsidiaries, and authorized third
More informationBRING YOUR OWN DEVICE
BRING YOUR OWN DEVICE Legal Analysis & Practical TIPs for an effective BYOD corporate Policy CONTENTS 1. What is BYOD? 2. Benefits and risks of BYOD in Europe 3. BYOD and existing Policies 4. Legal issues
More informationEmail Security - A Holistic Approach to SMBs
Implementing the latest anti-virus software and security protection systems can prevent many internal and external threats. But these security solutions have to be updated regularly to keep up with new
More informationApplication to access Chesters Trade
Application to access Chesters Trade Please fill in all details below: Account Number Company Name Company Phone Number Fax Number Contact Name Mobile Number Email Address Please review the Terms of Use
More informationIntroduction to Data Privacy & ediscovery Intersection of Data Privacy & ediscovery
Today s Topics Introduction to Data Privacy & ediscovery General Overview Data Privacy in the United States Data Privacy in Foreign Countries Intersection of Data Privacy & ediscovery Preservation of Data
More informationYORK REGION DISTRICT SCHOOL BOARD
WORKING DOCUMENT YORK REGION DISTRICT SCHOOL BOARD Policy and Procedure #194.0, Use of Technology Procedure #194.1, Use of Non-Board Devices Procedure #194.2, Password Management The Use of Technology
More information360 o View of. Global Immigration
360 o View of Global Immigration In a fast moving global economy, remaining compliant with immigration laws, being informed and in control is more challenging than ever before. We are a globally linked
More informationCYBERSAFETY AT WESTLAKE GIRLS HIGH SCHOOL
CYBERSAFETY AT WESTLAKE GIRLS HIGH SCHOOL CYBERSAFETY USE AGREEMENT FOR STUDENTS 2014 This document consists of a cover page and three sections: Section A Cybersafety In The School Environment Important
More informationCloud computing. Advantages and disadvantages
Cloud computing Advantages and disadvantages CPA Australia Ltd ( CPA Australia ) is one of the world s largest accounting bodies representing more than 139,000 members of the financial, accounting and
More informationA White Paper from AccessData Group. The Future of Mobile E-Discovery
A White Paper from AccessData Group The Future of Mobile E-Discovery Contents 1. The changing landscape of e-discovery 2. New expectations in the courtroom 3. Mobile discovery within corporations 4. MPE+
More informationworkplace efficiency and compliance with Impero
white paper: employee monitoring workplace efficiency and compliance with Impero task Keep employees on task whilst ensuring compliance with acceptable use policies solution Deploy a granular monitoring
More informationA White Paper from AccessData Group. The Future of Mobile E-Discovery
A White Paper from AccessData Group The Future of Mobile E-Discovery Contents 1. The changing landscape of e-discovery 2. New expectations in the courtroom 3. Mobile discovery within corporations 4. MPE+
More informationWebsite TERMS OF USE AND CONDITIONS
Website TERMS OF USE AND CONDITIONS Welcome to the Adult & Pediatric Dermatology, p.c. ( APDerm ) website. These Terms of Use and Conditions ( Terms ) govern your use of the APDerm ( our ) website ( Site
More informationHuman Resources Policy and Procedure Manual
Procedure: maintains a computer network and either purchases software for use in the network or develops proprietary software systems for Company use. Company employees are generally authorized to use
More informationWhite Paper. What the ideal cloud-based web security service should provide. the tools and services to look for
White Paper What the ideal cloud-based web security service should provide A White Paper by Bloor Research Author : Fran Howarth Publish date : February 2010 The components required of an effective web
More informationWHISTLEBLOWING TO THE CHILDREN S COMMISSIONER FOR WALES
WHISTLEBLOWING TO THE CHILDREN S COMMISSIONER FOR WALES 1. What does the Children s Commissioner for Wales do? The Children's Commissioner for Wales is an independent children s rights institution established
More informationWHAT MATTERS MOST TO CORPORATE COUNSEL IN E-DISCOVERY MANAGEMENT. Presenting the results from BDO s inaugural Inside E-Discovery Survey
WHAT MATTERS MOST TO CORPORATE COUNSEL IN E-DISCOVERY MANAGEMENT Presenting the results from BDO s inaugural Inside E-Discovery Survey 1 ACEDS Membership Benefits Training, Resources and Networking for
More informationTerms and Conditions Website Development
Terms and Conditions Website Development 1. DEFINITIONS The following terms and conditions document is a legal agreement between Embertech Ltd hereafter the Company and Client for the purposes of web site
More informationHow to Manage Costs and Expectations for Successful E-Discovery: Best Practices
How to Manage Costs and Expectations for Successful E-Discovery: Best Practices Mukesh Advani, Esq., Advisory Board Member, UBIC North America, Inc. UBIC North America, Inc. 3 Lagoon Dr., Ste. 180, Redwood
More informationOnline Business Terms and Conditions - A Brief Glossary
IDEAS ANONYMOUS WEBSITE TERMS AND CONDITONS OF USE 1 Introduction 1.1 These terms of use explain how you may use this website (the Site ). References in these terms to the Site include the following website
More informationManaging Your Cyber & Data Risk 2010 NTA Convention Montreal, Quebec
Managing Your Cyber & Data Risk 2010 NTA Convention Montreal, Quebec Jeremy Ong Divisional Vice-President Great American Insurance Company November 13, 2010 1 Agenda Overview of data breach statistics
More informationStandard: Information Security Incident Management
Standard: Information Security Incident Management Page 1 Executive Summary California State University Information Security Policy 8075.00 states security incidents involving loss, damage or misuse of
More informationFrontier Academy s Bring Your Own Device (BYOD) - User Agreement 2013-14
Frontier Academy s Bring Your Own Device (BYOD) - User Agreement 2013-14 Please read the below guidelines, sign and return the last page and then return it to Frontier Academy Technology Department (or
More informationwww.intoutsource.com
Welcome to Outsource International At Outsource International, we deliver smarter international solutions across the leading global technologies. We are a dedicated technology services provider established
More informationNeil Meikle, Associate Director, Forensic Technology, PwC
Case Study: Big Data Forensics Neil Meikle, Associate Director, Forensic Technology, PwC 6 November 2012 About me Transferred to Kuala Lumpur from PwC s Forensic Technology practice in London, England
More informationBYOD At Your Own Risk Working in the BYOD Era. Shane Swilley swilley@cosgravelaw.com (503)276-6074
BYOD At Your Own Risk Working in the BYOD Era Shane Swilley swilley@cosgravelaw.com (503)276-6074 Remember when mobile technology was more Hollywood fantasy than reality The original Smart Phone By the
More informationResponsible Use Agreement
BYOD is an acronym for Bring your Own Device. For BYOD, a "device" is a privately owned laptop, tablet computing device, netbook, notebook, e-reader, ipod touch (or similar), or cell/smart phone. For the
More informationQueensland Legal Salary Survey Report 2011. A guide to salaries and recruiting trends for the Queensland legal profession.
Queensland Legal Salary Survey Report 2011 A guide to salaries and recruiting trends for the Queensland legal profession. thanks for participating We would like to express our gratitude to all who participated
More informationProtecting Your Network Against Risky SSL Traffic ABSTRACT
Protecting Your Network Against Risky SSL Traffic ABSTRACT Every day more and more Web traffic traverses the Internet in a form that is illegible to eavesdroppers. This traffic is encrypted with Secure
More informationGain the cloud advantage. Cloud computing explained Decide if the cloud is right for you See how to get started in the cloud
Gain the cloud advantage Cloud computing explained Decide if the cloud is right for you See how to get started in the cloud What is cloud computing? Many businesses are moving their IT to the cloud. But
More informationCOLUSA EDUCATORS WIDE AREA NETWORK (CEWAN) USE OF COMPUTERS, COMPUTER NETWORKS, AND INTERNET SERVICES POLICY
1 The COLUSA EDUCATORS WIDE AREA NETWORK (CEWAN) a consortium of the Colusa County Office of Education (CCOE) with Colusa Unified School District, Maxwell Unified School District, Williams Unified School
More informationDepartment of Finance and Administration Telephone and Information Technology Resources Policy and Procedures March 2007
Department of Finance and Administration Telephone and Information Technology Resources Policy and Procedures March 2007 I. Statement of Policy The Department of Finance and Administration (DFA) makes
More informationWho Should Know This Policy 2 Definitions 2 Contacts 3 Procedures 3 Forms 5 Related Documents 5 Revision History 5 FAQs 5
Information Security Policy Type: Administrative Responsible Office: Office of Technology Services Initial Policy Approved: 09/30/2009 Current Revision Approved: 08/10/2015 Policy Statement and Purpose
More informationVersion: 2.0. Effective From: 28/11/2014
Policy No: OP58 Version: 2.0 Name of Policy: Anti Virus Policy Effective From: 28/11/2014 Date Ratified 17/09/2014 Ratified Health Informatics Assurance Committee Review Date 01/09/2016 Sponsor Director
More informationHow to Respond When Sensitive Customer and Employee Data is Breached, Stolen or Compromised
ACE USA Podcast Released June 24, 2010 How to Respond When Sensitive Customer and Employee Data is Breached, Stolen or Compromised Moderator: Richard Tallo Senior Vice President, ACE North America Marketing
More informationIntroduction. General Use
Introduction Dane County provides a variety of technological resources to its employees to improve public service and maximize efficiency. The purpose of this policy is to advise users regarding the use
More informationWhite Paper. The benefits of a cloud-based email archiving service. for use by organisations of any size
White Paper The benefits of a cloud-based email archiving service A White Paper by Bloor Research Author : Fran Howarth Publish date : June 2010 Given the importance placed today on emails as a means of
More informationANTI-BRIBERY AND FOREIGN CORRUPT PRACTICES ACT COMPLIANCE POLICY
Issued: November 12, 2013 ANTI-BRIBERY AND FOREIGN CORRUPT PRACTICES ACT COMPLIANCE POLICY SCOPE This policy applies to all Magnetek, Inc. ( Magnetek ) employees, its subsidiaries and affiliates worldwide,
More informationCase study on asset tracing
Recovering Stolen Assets: A Practitioner s Handbook ARNO THUERIG * Case study on asset tracing I. Case study background The client adviser of a Swiss private bank transferred approximately USD 1 million
More informationESI Risk Assessment: Critical in Light of the new E-discovery and notification laws
ESI Risk Assessment: Critical in Light of the new E-discovery and notification laws Scott Bailey, CISM Christopher Sobota, J.D. Enterprise Risk Management Group Disclaimer This presentation is for informational
More informationLondon LAWN Terms of Service
London LAWN Terms of Service 1. GENERAL This WiFi Service is an Internet access service provided by Downtown London in partnership with Turnstyle Solutions which provides you with access to the Internet
More informationE-DISCOVERY AND E-DISCLOSURE 2013 The Ongoing Journey From Reactive E-Discovery to Proactive Information Governance
E-DISCOVERY AND E-DISCLOSURE 2013 The Ongoing Journey From Reactive E-Discovery to Proactive Information Governance Evolving technologies are expanding the need for effective electronic discovery in legal
More informationThe Proactive Marketer. Ensuring the safe arrival and optimum placement of emails
The Proactive Marketer Ensuring the safe arrival and optimum placement of emails Contents Introduction 4 Data integrity 5 Relevance 6 Reputation 8 Building a firm foundation 10 In summary 11 About the
More informationDavid Crum, Esq. Managing Partner New Mexico Legal Group, P.C.
David Crum, Esq. Managing Partner New Mexico Legal Group, P.C. ABOUT THE AUTHOR David Crum, Esq. David Crum is the Managing Partner of New Mexico Legal Group, P.C., an Albuquerque-based criminal defense
More informationACCEPTABLE USE POLICY
ACCEPTABLE USE POLICY F. Paul Greene Harter Secrest & Emery LLP 1600 Bausch & Lomb Place Rochester, NY 14604 585-231-1435 fgreene@hselaw.com 2016 HARTER SECREST & EMERY LLP THE FOLLOWING TEMPLATE WAS DESIGNED
More informationTAUNTON PUBLIC SCHOOLS Internet Acceptable Use and Social Networking Policies and Administrative Procedures
TAUNTON PUBLIC SCHOOLS Internet Acceptable Use and Social Networking Policies and Administrative Procedures A. INTERNET ACCEPTABLE USE POLICY OF THE TAUNTON PUBLIC SCHOOLS I. Mission Statement: Academic
More informationService NSW Code of Conduct
Service NSW Code of Conduct Contents CEO Message 2 Our DNA 3 We ensure our personal and professional conduct complies with this Code of Conduct 4 We manage conflict of interest responsibly 6 We respect
More informationThe IRS s New Whistleblower Program Another Enforcement Alert for International Business
The IRS s New Whistleblower Program Another Enforcement Alert for International Business By James N. Mastracchio & Scott D. Michel The international business community has witnessed an increase in US tax
More informationMOTORCAR PARTS OF AMERICA, INC. CODE OF BUSINESS CONDUCT AND ETHICS ADOPTED EFFECTIVE JANUARY 15, 2015
MOTORCAR PARTS OF AMERICA, INC. CODE OF BUSINESS CONDUCT AND ETHICS ADOPTED EFFECTIVE JANUARY 15, 2015 The Board of Directors of Motorcar Parts of America, Inc. ( MPA ) has adopted the following Code of
More informationSSSD Bring Your Own Device Policy Structure
SSSD Bring Your Own Device Policy Structure 1. Student Device Overview 1.1. Striving to achieve the most up-to-date, seamless, and effective 21 st Century learning environment, the Shanksville-Stonycreek
More informationPRIVACY RISKS OF AD SUBSIDIZED COMPUTING DEVICES IN SCHOOLS: A SAFEGOV ADVISORY BRIEFING FOR GLOBAL EDUCATION POLICY MAKERS
PRIVACY RISKS OF AD SUBSIDIZED COMPUTING DEVICES IN SCHOOLS: A SAFEGOV ADVISORY BRIEFING FOR GLOBAL EDUCATION POLICY MAKERS SUMMARY SafeGov is a global non profit organization devoted to promoting safe
More informationSecuring Your Journey to the Cloud. Managing security across platforms today and for the future. Table of Contents
P h y s i c a l V i r t u a l - C l o u d Securing Your Journey to the Cloud Managing security across platforms today and for the future Table of Contents Executive summary 1 Journey to the cloud varies,
More informationWhite Paper of Criminal Background Checks
White Paper of Criminal Background Checks Criminal Background Checks For Employment Purposes In recent years, criminal background checks have become a vital part of the employment process, both as a means
More informationCourse Overview and Outline
Course Overview and Outline The My Digital Life curriculum is comprised of seven modules that cover key concepts for building digital literacy. Each module contains between three and nine brief activities
More informationICAEW TECHNICAL RELEASE TECH 01/11
ICAEW TECHNICAL RELEASE TECH 01/11 TECH 01/11: GUIDANCE FOR DIRECTORS ON ACCOUNTING RECORDS UNDER THE COMPANIES ACT 2006 Contents Paragraph Introduction 1-4 The legal requirements 5-9 The accounts to which
More informationHelix Energy Solutions Group, Inc. Code of Business Conduct and Ethics
Helix Energy Solutions Group, Inc. Code of Business Conduct and Ethics Introduction This Code of Business Conduct and Ethics ( Code ) covers a wide range of business practices and procedures. It does not
More informationService Schedule for Business Email Lite powered by Microsoft Office 365
Service Schedule for Business Email Lite powered by Microsoft Office 365 1. SERVICE DESCRIPTION Service Overview 1.1 The Service is a hosted messaging service that delivers the capabilities of Microsoft
More informationTERMS & CONDITIONS FOR INTERNET ACCESS. Service Provided by Fast Telecommunication Company W.L.L. (hereinafter referred to as FAST Telco )
TERMS & CONDITIONS FOR INTERNET ACCESS Service Provided by Fast Telecommunication Company W.L.L. (hereinafter referred to as FAST Telco ) These are the Terms & Conditions upon which Fast Telco will provide
More informationCareer Connection, Inc. Data Privacy. Bringing Talent Together With Opportunity
Career Connection, Inc. Data Privacy Objectives This course is intended for CCI employees. The course gives guidance on data privacy concepts and describes how data privacy is relevant when delivering
More informationAntivirus and Malware Prevention Policy and Procedures (Template) Employee Personal Device Use Terms and Conditions (Template)
Below you will find the following sample policies: Antivirus and Malware Prevention Policy and Procedures (Template) Employee Personal Device Use Terms and Conditions (Template) *Log in to erisk Hub for
More informationEmail Image Control. Administrator Guide
Email Image Control Administrator Guide Image Control Administrator Guide Documentation version: 1.0 Legal Notice Legal Notice Copyright 2013 Symantec Corporation. All rights reserved. Symantec, the Symantec
More informationThe Fulham Boys School ipad Acceptable Use Policy, Procedures and Information
The Fulham Boys School ipad Acceptable Use Policy, Procedures and Information Except where specifically stated otherwise, the policies, procedures and information within this document apply to all ipads
More information