The purpose of this policy is to ensure so far as possible that personally-owned devices used by members of staff and pupils are used in a manner which protects client confidentiality, personal data and the confidentiality of chambers communications. This policy supplements the chambers IT.
All members of staff and pupils should be made aware, whether through IT policies or employment contracts, that chambers reserve the right to access personally-owned devices for the purpose of ensuring the effectiveness of this policy, in the event of termination of employment or the pupillage or if it is suspected that there has been a breach of this policy or the chambers IT.
With the approval of Ryan Thompson, members of staff may use personally-owned computers, smartphones and tablet computers (“approved devices”) for purposes related to chambers.
With the approval of Ryan Thompson, pupils may use personally-owned computers, smartphones and tablet computers (“approved devices”) for purposes related to their work.]
Approved devices must be secured by a password or a biometric access control (e.g. fingerprint scanner or facial recognition). Passwords should be sufficiently memorable that the user can avoid writing them down, but not obvious or easily guessed. Long passwords are best, as a short password can be cracked more easily by hacking software. A combination of three words, using a mixture of upper case and lowercase characters and at least one numeral may be easiest to remember. Default passwords (e.g. ‘1234’, ‘admin’) should always be changed. The same password must not be used for all devices, services and websites. Passwords must be changed if a password is disclosed to another person or discovered, and in any event every six months.
Approved devices must be configured so that they are automatically locked after being left idle for a set time of no more than 5 minutes in the case of mobile devices and 10 minutes in the case of desktop.
Approved devices must be encrypted in a manner approved by Ryan Thompson.
Care must be taken to avoid using approved devices in a manner which could pose a risk to confidentiality, whether by clicking on links in suspicious emails, accessing potentially harmful websites, using potentially harmful application software, using wi-fi facilities in public places (e.g. coffee shops or airports), or otherwise. Some apps may be capable of accessing sensitive information. Software which is not used should be removed from approved.
In the event that an approved device is lost or stolen, or is suspected of having been lost or stolen, Ryan Thompson must be informed as soon as possible so that such steps as may be appropriate may be taken to delete from the device the chambers email account and other data belonging to chambers or its clients, and to report the loss of the device.
Passwords to approved devices must be kept confidential and must not be shared with family members or third parties.
Approved devices must not be used by family members or other persons unless either:
the device has been configured for separate logins to ensure restricted access to files, or
the member of staff [or pupil] uses the device for work using only chambers remote access.
Approved anti-virus software must be used on approved computers and must be kept up to date. The latest security updates to the operating system and browser software must be routinely installed on approved computers (this does not require the installation of an entirely new version of the operating system).
Home Wi-Fi networks must be encrypted. Caution must be exercised when using public Wi-Fi networks as public Wi-Fi networks may not be secure.
Except in the case of an emergency, members of staff and pupils may not copy data from approved devices to other personally-owned devices. The data must be securely deleted when the emergency has passed.
Appropriate cloud storage services may be used with the permission of Ryan Thompson. Services which do not encrypt data before the data is uploaded will not be approved.
If an approved device needs to be repaired, appropriate steps must be taken to ensure that confidential information cannot be seen or copied by the For this reason, the arrangements for repair must be made through chambers.
In the event that an approved device needs to be disposed of, confidential material must be destroyed or wiped using a recognised method to put the data beyond recovery, to the satisfaction of Ryan Thompson. Merely deleting the files, single-pass overwriting, or reformatting the disk is Physical destruction or the use of specialist deletion and overwriting software is necessary.
In the event of a member of staff or pupil leaving chambers, appropriate steps must be taken to the satisfaction of Ryan Thompson to remove the chambers email account and other data belonging to chambers, Members of chambers or their clients from approved devices and cloud storage services used by that member of staff or pupil.
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
Cookie
Duration
Description
cookielawinfo-checkbox-advertisement
1 year
Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Advertisement" category.
cookielawinfo-checkbox-analytics
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional
11 months
The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent
1 year
CookieYes sets this cookie to record the default button state of the corresponding category and the status of CCPA. It works only in coordination with the primary cookie.
viewed_cookie_policy
11 months
The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Cookie
Duration
Description
_ga
1 year 1 month 4 days
Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
_ga_*
1 year 1 month 4 days
Google Analytics sets this cookie to store and count page views.
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.