What Are Your Risks with Employees Bringing Their Own Electronic Devices for Work | BYOD
You may have heard of the idea of “Bring Your Own Device to Work” (BYOD) and wondered what it means, or, you may have not thought too much about it. As is always the case as it seems, almost any activity which employees engage, could have an impact on the employer. Thus, employers need to be aware of this idea and decide how to address. The question is does it matter if employees bring in their own electronic devices to use in work? The answer is yes!
As you well know, most employees can now be effective in their work almost from anywhere as a result of improved electronics. The electronics used today are becoming easier to access and easier to be used by people in the work environment.
Corporate data and information can now be available on personal devices very easily (cell phones, tablets, laptops, etc.). Employers need to consider how corporate data/information is to be stored, secured, used, accessed, protected and ultimately destroyed. Employers should consider how to determine if there is a security breach of corporate data/information and how then to give notification of the breach.
As you have already considered, the question or security and control of the data/information is paramount! How can your business secure corporate data/information on devices which it does not own or manage? What happens to the information on the device if it is lost or stolen and the employer does not know? What is the impact of employees using the employer’s network at work for internet access on their personal device? One other concern is the discoverability of the data/information on the personal devices in case of litigation.
There are many factors to consider regarding BYOD. Employers want to offer an easy way for employees to get work accomplished while also protecting important corporate data/information. The solutions in handling electronic information and data access are numerous. The decision of how information is accessed by employees should be studied and policies written. Obviously, information technology staff should be in on the conversation. Others to include in the conversation are the human resources staff, financial team members and your legal counsel. Be sure to have a policy that protects the business and the data/information entrusted to the business.
There are cases which are starting to pop up across the nation concerning these issues. Staying informed as this process develops is important. If you have questions, please feel free to let us know.