BizTech Law Blog
The days of carrying around a work phone and personal phone are quickly dwindling, if not already gone. Instead, businesses are implementing bring-your-own-device ("BYOD") policies that allow employees to access corporate information from their personal mobile device. On one hand, providing employees with mobile access to information increases productivity by allowing employees to work from anywhere. On the other hand, allowing corporate information to be accessed on devices that are mobile and capable of falling into the wrong hands produces a host of new security issues. This creates a difficult balancing act for employers who want their employees to be productive, but still want to maintain control over the information being accessed.
BYOD policies and mobile device management ("MDM") software must be implemented properly to provide the employer with a requisite amount of control while not making the employees feel as though Big Brother is watching. The best way to implement a BYOD policy is to gradually add more controls. Basic policies, such as passwords to access corporate information and the ability to wipe a device in the event it is stolen, is a good place to start. Once employees are comfortable with the system, more policies can be implemented. MDM software is generally quite powerful and can track most, if not all, of employee actions. It is up to the employer to determine how much information it will gather about its employees. Importantly, employers need to make the policy available to employees to review and the employees must consent before the employer can exercise any degree of control over the device.
The optimum BYOD policy should require a two-factor authentication process to access information that is encrypted and sandboxed. This way the company only needs to monitor the sandboxed corporate information and can wipe that portion of the phone without interfering with other personal applications. The rise of BYOD policies has led to new legislation protecting personal privacy rights to data. Before implementing a BYOD policy, contact a Foster Swift attorney to ensure your policy is both effective and legal.
Shareholder and Firm TreasurerNicholas focuses his practice in the areas of Michigan non-property tax disputes, business entity selection, corporate transactions, and information technology.
