We continue with our series on Bring Your Own Device (BYOD). Like I stated in the last post, I got sidetracked there for a while during some transition between blogs and with the ITSM Rhino site pre-launch.
To recap, here is a list of the previous posts in order:
- BRING YOUR OWN DEVICE (BYOD): FRIEND, FOE, OR BUSINESS F--KERY
- BYOD RIGHT HERE AND RIGHT FREAKING NOW!
- THE BYOD OPPORTUNITY: RETHINKING HOW TO GET S--T DONE
- BYOD ADOPTION - WHAT'S THE RUB?
- BENEFITS OF THE BIG BAD BYOD
- RISKS OF THE BIG BAD BYOD
Knowing more about some of the frequent hazards of BYOD from an HR and legal standpoint will help you decide how to mitigate them best. It will also keep you out of the hot seat and in your desk seat. We don't want you escorted with all your stuff in a box out the front door.
Conflicts of Interest
Who owns, manages, and uses the data and intellectual property rights? This is a good question when talking about employees bringing their own devices to work and using them to do work on.
Suppose the gadget is utilized for both business and personal reasons and is not partitioned. How is work data separated from personal data? If there is no technical barrier between work and personal data stored, processed, or sent, we could have a problem. If there is no proving who owns, produces, and manages the data in question, we have a problem. These challenges are especially true when talking about both the company's intellectual property and the employee's private data.
Too much flexibility
Checking work emails from smartphones on the way home, rather than shutting down after leaving the office, benefits everyone if it relieves stress and allows a customer to receive a faster response.
However, being theoretically able to work at any time is not always healthy or lawful. Working at all hours may cause your employees to burn out or put themselves under extreme stress.
Frankly, it sucks, and so does anyone who regularly expects it from their employees or if they expect it from anyone they do business with.
Loss of data
When an employee leaves your firm, you should have a controlled departure to choose which data and devices must be retrieved and inspected. If you need to delete work data from a personal device, you must be careful not to delete personal data. This may be simple to accomplish if the device has been partitioned.
If not, get technical and legal guidance before erasing anything. For example, you should often talk with your employees before erasing data from a personal device and provide them the option of backing up their data. If a device is lost or stolen, the same advice applies.
That’s it for now, my next post will be on the protection of data and devices related to BYOD. Let me know what you think?
I only hit on a few things and scratched the surface so feel free to share some more if you can think of them here in the comments. Would love to hear from you.
You can find an extensive BYOD policy package available at ITSM Rhino when it launches in a few weeks. This will include a draft policy template, policy checklist, policy development process flow, whitepapers, research, and much more related to BYOD available for download.