close

Log in

Access to premium content is restricted to healthcare professionals / registered members. Login with your email address to continue.

Forgot Your Password?

Don't have an account? Sign up

module menu icon

IT security

IT Security Basics
Common IT Security Risks
Training
Policies
Device Security
Passwords
External Devices
Phishing Attacks
Malicious Software
Summary
IT Security Quiz

module menu icon Device Security

Well done, you’re getting there.  (0% complete)

quiz close icon

module menu icon Device Security

Device Security

Device security is the consideration of who can see or access devices. The first consideration is who can see the screen of devices when they are being used. If there a possibility that unauthorised people could view the screen e.g. during use with customers or on public transport, consider adjusting the angle of the device or using a privacy screen protector.

Screen Visibility Icon
Unattended Devices Icon

If devices are left unattended, they should be locked. Work devices should not be left unattended in vehicles or public places and reasonable steps should be taken to make sure the devices are not stolen. In the event of a device being stolen employees should be aware of the policy to follow.

The second consideration is ensuring all devices are up to date with software/operating system/ application updates especially those related to security. Most devices will prompt users to update or have an option to do this automatically.

Software Updates Icon
Access Control Icon

Thirdly access to devices, applications, software etc should be considered. Colleagues should only have access to devices, applications, software etc that they require for their role. This could be a job for the Information Governance Lead (all colleagues including locums should know who this is) but could be anyone in the pharmacy that has administrator level computer/software/application access (they have access to set up and manage other users). Access to devices etc should be reviewed regularly and unnecessary access should be removed. Access to any devices etc relating to the business should be removed when a colleague leaves the business.

You should also consider access by people other than your colleagues. There will be some occasions when it will be necessary to allow non-colleagues access, such as when you have work done on the system or if you provide free Wi-Fi but as a rule no-one outside the business should have access to your IT devices or systems. If you are using a professional to complete work on your IT make sure it is planned, colleagues are aware of the date and time and that you authenticate the ID of the person carrying out the work. If you provide free Wi-Fi for customers, then you should set up a separate network for the business devices. Visitors to the business should not be left alone with unlocked IT equipment unless it is necessary for the role they are performing.

External Access Icon

IT security

Continue Module
Change privacy settings