The survey revealed that 40% don’t use passwords to protect their smart phones although iPhone users are more likely to do so than Android owners, 66% to 54%.
So, with the proliferation of privately-owned smart phones, iPhones and tablets glued to employee’s hands, is there anything employers can or should do to protect precious company data that will likely find its way to these portable devices?
Of course there are.
First things first
While this might sound oversimplified, the first thing an employer needs to do when it comes to whether employees may use their own tech devices for work is to decide if BYOD is a good fit for the company.
“Once a company document is on an employee device, it’s more vulnerable because people tend not to protect their own tech devices as stringently as an employer would like,” cautions Bryan T. Allen, a partner with the Salt Lake City law firm of Parr Brown Gee & Loveless.
If an employer decides to give BYOD a chance, Allen suggests that a written policy governing BYOD be created and implemented.
While Kate-Madonna Hindes, an HR specialist and blogger whose Internet persona is ‘Girl Meets Geek,’ agrees with Allen but with a caveat. “Employers need other complementary policies that should precede BYOD, like one for social media,” says the Minneapolis-based Hindes.
Creating a BYOD Policy
When it comes to implementing a BYOD policy, Allen advises clients to require devices to be password-protected. He also advises business clients to:
- Be certain GPS-type software can be installed on the device in case it’s lost or stolen
- Verify the employer can remotely put the phone in ‘lockdown’ mode while erasing any or all data in the device’s memory
- Include provisions in the BYOD policy prohibiting offensive and harassing communications
The Fresno, California law firm of Dowling Aaron, Inc., implemented its own BYOD policy about 18 months ago when it became clear to the firm’s leadership that attorneys enjoyed using their tech-devices for work. The move towards their current policy began about five years ago when a majority of the firm’s lawyers carried Palm Trios. “They started syncing their devices with Outlook. We thought about issuing our own devices,” but that idea got nixed, says Darin Adcock, the firm’s IT Director.
Several Dowling Aaron’s attorneys favor the iPhone, he says, and when that device and the Droid X came to Verizon (their cell phone supplier), “things exploded here. That was a huge deal to us. Now we’re 75% Apple and 25% Android.”
At Dowling Aaron, employees buy their own devices, but are reimbursed by the firm for their data plans.
BYOD helped us because people got the devices they wanted and we protect them,” says Adcock. Just how does the firm do that? After consulting with several companies that provide mobile device management, Dowling Aaron chose to partner with Atlanta-based AirWatch.
Adcock is effusive when detailing how the firm has benefitted from hiring AirWatch to protect its mobile devices. He likes that he can send a full or selective wipe to any of the firm’s 50 cell phones, a great benefit should any of those devices become lost or stolen.
The phones are also programmed to time-out after five minutes. After ten failed attempts to enter a PIN, devices will automatically erase all data, shut down and revert to factory settings. “I can even remotely lock a device,” he says.
The Big Deal about BYOD
“We are such a start-up nation that celebrates entrepreneurs, so I can’t imagine any company” ignoring the BYOD trend, says Hindes. She attributes the exploding popularity of BYOD to the contract worker who came to work equipped with their own tech devices.
That clicked a light bulb for many employers, she says. “Companies are realizing they can save money by letting employees use their own devices.” Since companies don’t have to provide any equipment to 1099 employees, leadership saw this as a way to save a buck. Besides, says Hinden, “People who use their own tech devices are more productive and more efficient.”
“My attorneys were not going to give up syncing and being mobile so we had to come up with a way to deal with it. BYOD is here to stay,” says Adcock.
Wording the Policy
As part of her HR work, Hindes writes policies and procedures for start-up organizations seeking to become more efficient. “That’s what grabs an investor’s attention,” she says.
She has some words of advice for an entrepreneur wishing to implement a BYOD policy. Once it’s created, inform staff about it and “implement it fairly among employees,” she says. She also suggests that before a policy is implemented, it should be reviewed by an attorney.
Hindes also suggests a FAQ section supplement the written policy. Training your staff about the BYOD policy is also imperative. ‘“It’s not just a world with laptops and tablets. Now the world is mobile,” says Hindes.
Tami Kamin Meyer is an Ohio attorney and freelance writer.
Last modified on Sunday, 19 May 2013