Carry out due diligence: check devices’ safety and ensure that users are adequately skilled to protect their device and themselves.
Educate users about privacy and security settings and assist them to set these up before giving them a device.
Agree standards for acceptable use with each user before giving a device.
Update devices with spyware protection and check for security breaches before giving to users. Advise them to regularly do the same.
Once they have received a device the onus falls on the user to maintain a safe and secure device and use it in a manner that does not increase risk.
1. User receives breached device: putting a service user’s privacy and security at risk
Q: Are staff updating settings, spyware and virus protection before giving devices?
2. Existing risk of abuse is increased: user experiencing offline abuse becomes at risk of online abuse from an existing perpetrator
Q: Does the user have the ability to safely and securely use the device in their home?
Q: Are extra precautions being taken for individuals vulnerable to online abuse and harm?
3. User fails to maintain device security or take precautions: makes them vulnerable to privacy breaches, scams and abuse
Q: Has the user been educated on how to protect their online privacy and security?
Q: Does the service user understand their responsibility to keep themselves safe once they have received the device?
4. User uses device in a way that creates risk: poor awareness of how to communicate and handle information online puts the user at risk of harm from others or harm to themselves through oversharing or inappropriate behaviour
Q: Does the service user understand the nature of digital communication and privacy settings of platforms they intend to use (e.g. social media, messaging apps)?
The essential digital skills framework (Futures.now)
Secure your devices (NCSC)
Providing devices and training to increase digital inclusion (Being Woman)