By: Lee A. Schwartz, Principal, Lee A. Schwartz & Associates

June 30, 2015 9:29 pm EDT
Devices

What is BYOD?

Bring Your Own Device or BYOD refers to a program of permitting employees to bring personally owned mobile devices, such as laptops, tablets and smart phones to the workplace and allowing employees to use those devices to access confidential company information and applications. With an estimate of 95% of employees using at least one personal device for work purposes, BYOD is a reality that you cannot ignore.

Advantages of Allowing Your Employees to Use Personal Electronic Devices

As I am sure you know, there are many advantages of allowing your employees to work on and access corporate data from their own personal devices. Some advantages are as follows:

  1. Creates more flexibility for employees;
  2. Results in cost savings to the company; and
  3. Increases productivity since employees are happier, more comfortable and often work faster with their own devices.

Risks of Allowing Your Employees to Use Personal Electronic Devices

There are significant risks in allowing your corporate data to be accessed on your employee’s personal devices that you have no control over. Such use can result in data breaches which can occur in any number of circumstances, one of which is when an employee uses a personal device to access and save company information and then loses that device. Anyone who finds that device may be able to retrieve company trade secrets and other sensitive information relating to the company, its customers or its employees. A breach can also occur if an employee sells their device, trades it in for a newer version or passes it along to a friend or family member without removing the sensitive company information. It is imperative to put security measures in place to reduce the risk of company information being disclosed to unauthorized individuals.

BYOD Policies

If your company allows employees to use their own mobile devices at work, you should have a BYOD security policy that clearly outlines the company’s policies to manage these devices and insure that network security is not compromised by your employees. Some key points to consider when formulating such a policy are as follows:

  1. Determining what data employees can have access to with their own device;
  2. What security measures will be in place should an employee’s device be lost, stolen or compromised; and
  3. Which applications will and will not be allowed to be downloaded onto such device, whether personal or business related.

Your Company’s BYOD policy should provide detailed security requirements for each type of personal device that is used in the workplace and connected to the corporate network.  For example, your company should require devices to be configured with complicated alphanumeric passwords, prohibit specific types of applications from being installed on the device or require all data on the device to be encrypted. Other BYOD security policy terms may include limiting activities that employees are allowed to perform on these devices at work, such as only allowing email access for corporate email accounts and periodic audits by the company to ensure the device is in compliance with the BYOD policy. Another important point to address is what procedure will be taken with respect to personal devices which have, or have had, access to company information when an employee leaves the company. Many companies address an employee exit strategy with respect to such devices which requires a wipe of the device to be performed.

Employees’ use of personal devices to access your company’s data is increasing and so are the issues related to such usage.  Because the use of personal devices in the workplace has its risks, it is imperative that if your company permits its employees to access corporate data on a personally owned device, you adopt a BYOD policy to minimize those risks.

The views and opinions expressed herein are those of the author(s). Core Compass’s Terms Of Use applies.

About the author

Lee A. Schwartz, Esq. is Principal of Lee A. Schwartz & Associates in Melville, New York. He has practiced law for over 20 years in the areas of corporate and real estate law, and all aspects of trusts and estates.

mobile deviceslaptopssmart phonespersonal electronic devicescorporate dataBYOD security policy
Editor's Selection

Business Taxes

HRAs Are Back

In 2017, Health Reimbursement Accounts (HRAs) will be available to employers with fewer than 50 full-time-equivalent employees and are tax-free as long as employees also have health insurance.

Intelligent Investing

Become the Landlord of Your Stocks

If you are able to understand the principal concepts of how to become an effective landlord of real estate, then applying the same principles on how to become an effective landlord of your stock portfolio is highly achievable.

Intelligent Investing

The Grand Divorce

How does total domination in a sector of the economy play out for the shareholders of the leading company involved?

Personal Taxes

Caution With S Corporation Losses

The Tax Code allows you to deduct losses to the extent you have money invested in the S. If you try to deduct beyond that threshhold and it isn't your personal money, expect problems with the IRS.

Intelligent Investing

Net Neutrality or Level Playing Field

“Net Neutrality” is a worthy concept in theory, but the loss of its most powerful supporter and bureaucrat will significantly change the landscape of internet access and concentration issues in more traditional media outlets.