November 20, 2014 admin

Managing the Risk of BYOD ( Bring Your Own Device )

BYOD refers to the policy of allowing employees to use their personal mobile devices to access their employer’s information systems and applications for business purposes. In recent years, there has been a fundamental shift in the way people understand and interact with electronic information. Employees expect to be able to work with the device of their choice and dislike the inconvenience of maintaining separate mobile devices for business and personal use.

As with any technology, there are risks associated with implementing a BYOD program. There are legal risks, such as the ability to access information responsive to a document requests for preservation or production; there are regulatory risks associated with information on those devices that may be subject to regulatory retention and supervision requirements; there are information security risks associated with lost or stolen devices, as well as many different devices having access to the organization’s networks; and there are data privacy risks associated with the mix of personal information with business information on one device. Consider the use of text messaging in a BYOD program. With an organization-owned device, the organization has the option of centralizing control of its employees’ text messaging by disabling text or instant messaging capabilities on the device or capturing such messages for business purposes on the organization’s centralized infrastructure. With a BYOD program, however, an organization loses its ability to easily block or capture business-related text messages, and is forced to rely more heavily on employee participation and compliance with policies to manage risk.

Configure policies to prevent data collection from personal email, content or applications on an employee-owned device. GPS location, personal user information and telecom data can also remain private, and employee-owned devices can be protected from a full device wipe or remote control. With custom Terms of Use (TOU) agreements based on user role, organization group and device platform, users can be informed about data that will be captured and what they are allowed to do with the device.

Leave a Reply

Your email address will not be published. Required fields are marked *