Slide 1

Slide 2 Michael Gallagher Glasgow City Archives IRMS Scotland Group 11 June 2013 Slide 3 What is it? Why is it relevant to us? What can we do about it? How much of a change is it? Slide 4 More iPhones sold each day than babies born worldwide Mobile devices outnumbered humans in 2012 Range of devices: Laptops, desktops, smartphones, tablets, notebooks.....notepads? Slide 5 Almost 50% while on holiday Almost 40% while commuting Almost 20% while driving 5% in a place of worship Source: Consumerization of IT Study: Closing the Consumerization Gap, IDC/Unisys, July 2011 Slide 6 75% of organisations currently support it further 13% planning to by end of 2013 Good Technology survey, January 2013 47% of all UK adults use a personal smartphone, laptop or tablet for work YouGov survey, March 2013 80% will be doing it by 2016 Gartner, June 2012 48% of organisations would never allow it Cisco/Redshift Research, January 2012 Slide 7 Users like it Cost savings? Increased productivity and flexibility Better technology Slide 8 Loss of control of recordkeeping Compliance/legal Security risks Continuity and preserving the record Slide 9 Decentralisation of recordkeeping Everyone is a records manager? What if the device gets lost, or the employee leaves? Distinction between device and data on it Slide 10 Data Controller: a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed. It is important to remember that the data controller must remain in control of the personal data for which he is responsible, regardless of the device used to carry out the processing. (ICO guidance, March 2013) Slide 11 Data protection and freedom of information obligations What legal right does an organisation have to look through my stuff? Balance between keeping company data secure and personal data private Slide 12 Risks associated with mobile working in general 34 (of 120) undertakings and 5 (of 32) civil monetary penalties related to loss of data using mobile devices FOI request to ICO (Jan 2011 Jan 2013) Data less secure? Basic security measures, password, encryption, anti- virus High profile issue: threat of fines, reputational damage Slide 13 5% of corporate data stored ONLY on smartphones Osterman Research, May 2011 Individuals making their own decisions on records management Value of records and the archive not immediate concerns Personal archives Slide 14 Loss of control of recordkeeping Compliance/legal Security risks Continuity and preserving the record Consumerisation cannot be stopped. It can only be dealt with. BT white paper, The Future of the Office Slide 15 Records manager IT Users HR Legal Finance Slide 16 Do nothing... Ban it Provide (and manage) it Slide 17 Establish organisations level of influence Audit types of device/data Set the rules and create employee agreement Engage with users Slide 18 Slide 19 Assess existing policies and create a framework Alignment with IT, HR, Legal, Finance Who pays? What level of support is there? Slide 20 ORGANISATIONEMPLOYEE Right of access to certain data Circumstances under which it can access it Level of support Powers and sanctions Follow all relevant policies and procedures Security measures Only access certain information Responsibilities at end of devices life Slide 21 Separate corporate and personal data Classify data or users Make policies and procedures device- independent Work with IT on security and compliance Get data off device and keep safe while on it Slide 22 Individual responsibilities highlighted Not unique to the use of personal devices reposition our efforts ...worrying lack of guidance from employers on use of personal devices. (ICO, March 2013) How good RM can help users Manage privacy expectations Slide 23 We cant stop consumerisation, but we can manage it Many challenges not unique to this environment Cooperation vital: with users, as well as IT, HR, management... Information sexy....information professionals too?