Employers want employees to stay connected. Employees appreciate the flexibility of working remotely. So employers let employees access email and login to company applications on their own phones, laptops, and other devices. In fact, according to one source, 59% of companies permit employees to use their own devices and another 13% plan to do so in the next year. https://www.insight.com/enUS/learn/content/2017/01182017-byod-statistics-provide-snapshot-of-future.html
BYOD is short for “bring your own device.” It’s the widespread practice of permitting employees to use their own mobile devices to access company information and applications. One important question, however, is how do you protect company information when the company doesn’t have possession of the devices on which it is accessed?
Your first line of defense is establishing policies and procedures that govern the use of employee-owned devices. And while a full discussion of BYOD and electronic information policies is beyond the scope of this post, here are five tips for ensuring data security:
- Reserve the right to access the device – If employees keep company information on their devices, the company needs the ability to take possession of the device temporarily to access and collect information for legitimate business purposes.
- Encryption is a must – Any sensitive data on a personal device should be encrypted.
- Security protocol – This means malware, security patches, and password rules.
- Departing employee protocol – Have a plan for how to remove company data from personal devices. This may mean a remote-wipe feature.
- Put it in writing – Memorialize your BYOD policy and get signed acknowledgements. Also put in place related electronic information policies, such as confidentiality agreements, no use of electronic devices while driving, and so forth.
Managing corporate information has never been more challenging, but, if done correctly, using employee-owned devices can be a win-win for employers and employees.
If you’d like help creating a BYOD, electronic information, or other employee policy, we’re here to help.
*Photo Credit: blackzheep via freedigitalphotos.net
*The information contained on this blog is not legal advice, nor does this blog create an attorney-client relationship. Klein Bussell attorneys do not blog about pending matters handled on behalf of our clients and will never disclose client confidences.
**Special thanks to Karla Grossenberger, who covered this topic during her seminar entitled “The E-Workplace: Privacy Issues and Cyber Security.”
The information contained in this blog does not constitute legal advice, nor does this blog create an attorney-client relationship. KSM attorneys do not blog about pending matters handled on behalf of our clients and will never disclose client confidences.