Family at the keyboard: How to protect business data from household members?

In the age of remote and hybrid working, many people use business equipment at home. While home is our place of peace and privacy, it also poses specific challenges for data protection. Do your household members have access to your business laptop or phone? What should you keep in mind to ensure data security?

Why is this important?

Working from home can cause us to become less vigilant about protecting personal information. Family members, although not ill-intentioned, may unknowingly gain access to confidential information. This can result in the accidental disclosure of data, which is a breach of the GDPR regulations. It is important to follow data protection rules in the home office as well.

What are the risks?

Unauthorised access to business equipment.

Sharing computers or tablets can lead to household members accessing business files. Children may accidentally open documents containing personal information or change security settings.

Conversations about work in the presence of household members.

Telephone or video conference calls made in the presence of family members can lead to the disclosure of confidential information. Children, a spouse or guests may hear details about clients, projects or company strategy.

Unsecured business equipment.

Leaving an unsecured laptop, phone or tablet at home can result in outsiders gaining access to data. If equipment is stolen or lost, the consequences can be severe.

Example from life

At one company, a remote employee, using his work laptop at home, left it on the kitchen table unsecured while he busied himself with other household duties. His teenage son, wanting to quickly check something on the Internet, started using this laptop. He accidentally opened a file that contained customer data, including detailed contact information and notes on their business preferences.

Curious about what he saw on the screen, his son took a picture of the visible data, thinking it was funny and unusual. Then, not realising the seriousness of the situation, he posted the picture on his social media profile, adding a humorous comment.

The photo quickly began to gain popularity and spread beyond his circle of friends. As a result, the company's customer data became publicly available, leading to a serious breach of GDPR regulations.

What can you do?

Secure your equipment.

Always lock your computer, phone or tablet when you walk away from them, even if you are at home. Use strong passwords and, if possible, activate the auto-lock function after a short period of inactivity.

Set rules at home.

Establish with your household members that business equipment is not for the use of others. Explain to them why data protection is important and what the consequences of their unauthorised access to information may be.

Be aware of conversations.

When making phone or video conference calls, choose places where you can maintain privacy. Avoid discussing confidential issues in the presence of third parties.

Keep your equipment in a safe place.

When you are not using your equipment, store it in a locked place, such as a drawer or special laptop bag. This will protect your data from unauthorised access in the event of theft.

Remember

Working remotely requires extra vigilance when it comes to protecting personal information. Although home is our fortress, we need to ensure that business information is as safe there as it is in the office. Putting simple rules in place can prevent unpleasant consequences, both for you and your business.

Czytaj także:

Najczęstsze błędy przy zawieraniu umów powierzenia
Administratorem Twoich danych jest ODO 24 sp. z o.o. z siedzibą w Warszawie (03-812) przy ul. Kamionkowskiej 45. Twoje dane są przetwarzane w celu świadczenia usługi biuletyn informacyjny na zasadach określonych w Regulaminie ŚUDE. Więcej informacji na temat procesu przetwarzania danych osobowych oraz przysługujących Ci praw uzyskasz w Polityce prywatności.
Potwierdź swój adres e-mail
Wejdź na swoją skrzynkę pocztową, otwórz wiadomość od ODO 24 i potwierdź adres e-mail, klikając w link.
Jeżeli nie znajdziesz naszej wiadomości - sprawdź w folderze SPAM. Aby w przyszłości to się nie powtórzyło oznacz wiadomość jako pożądaną (klikniknij prawym przyciskiem myszy i wybierz "Oznacz jako wiadomość pożądaną").
Odbierz bezpłatny pakiet 4 poradników
i 4 szkoleń e-learningowych RODO
4x4 - Odbierz bezpłatny pakiet 4 poradników i 4 szkoleń RODO
Administratorem Twoich danych jest ODO 24 sp. z o.o. z siedzibą w Warszawie (03-812) przy ul. Kamionkowskiej 45. Twoje dane są przetwarzane w celu świadczenia usługi biuletyn informacyjny na zasadach określonych w Regulaminie ŚUDE. Więcej informacji na temat procesu przetwarzania danych osobowych oraz przysługujących Ci praw uzyskasz w Polityce prywatności.
Administratorem Twoich danych jest ODO 24 sp. z o. o. >>>