The current situation has required us all to be adaptable, responsive and flexible in order to continue delivering services. This approach has also been taken with regards to the delivery of IT and communication services. However, the security and protection of staff and customer data must always be considered, even in unprecedented times like these.
There have a been a number of requests or questions around the use of non-Council provided apps such as Zoom, WhatsApp, and Google Forms. While these apps are not inherently insecure they are not suitable for conversations or gathering data which may include personal or sensitive information, or even business sensitive information.
These apps do not guarantee that they process or store data on systems located within the EU. Therefore, we are likely to technically be in breach of data protection legislation.
Also, these apps can be used from personal devices which are not registered with or managed by IT Services. This introduces risks such as, but not limited to, not being able to determine the security controls on the device, not knowing who else has access to the device or data, and no way to wipe data if the device is lost or stolen.
Personal phones and tablet devices can now be enrolled in the Council’s BYOD service. This then allows access to Microsoft Teams for video conferencing and instant messaging, which are the approved equivalents to apps such as Zoom and WhatsApp respectively.
In addition, Office365 has a Forms package which can be used to create surveys for distribution internally to staff or externally to customers and service users.
All of these Council-provided apps process and store the data captured securely in our own Office365 system and inline with our legal or ethical data protection responsibilities.
For further advice or guidance on the use of these tools, please contact your local Digi Guru or the IT Services Service Desk.