All the talk about bring-your-own-device (BYOD) has been about protecting company information. But there’s another side to it: protecting employee data.
Employees are waking up to the fact that BYOD is both invasive and dangerous for personal data. At first, allowing employees to bring in personal devices both drove efficiency and put them in control. But, as mobile device management and corporate policies have begun to catch up with the trend, bringing a phone into work is starting to sound a little sketchy for many workers.
Roughly 80 percent of employees in a recent Harris Interactive (News - Alert) survey said are concerned about employers viewing private information on their personal devices. This can include their location, which websites they visit, or what apps they use.
This is not surprising given the type of messages they get when they bring in their phone and allow an MDM or enterprise management solution to be installed on the device.
An example of one such notice upon MDM installation:
“Installing this profile will allow the administrator to remotely manage your iPad. The administrator may collect personal data, lists of apps, add/remove accounts and restrictions, and remotely erase data on your iPad.”
These are not exactly words that inspire confidence in personal data privacy.
While it is true that leaked business data probably will have a more negative effect than revelations about what app someone is using, it is important that corporations respect employee privacy, or these personal smartphones walking into the office might start going underground to avoid corporate heavy-handedness.
One solution to the problem is dual-booting devices that put a strict wall between personal and corporate identities. But, companies also need to make policy adjustments to sooth the fears of their workers.
Three sensible adjustments include applying policies only when the mobile device is used for work purposes and not imposing restrictions on the employee’s personal mobile experience. Be less heavy-handed, basically. Companies should also prevent IT managers from viewing websites visited or applications accessed when using the device for personal purposes.
Finally, make sure that employee personal content, such as photos and files are secured, so if there is a device wipe, it does not affect such documents. Nothing will kill a BYOD policy faster than hearing that your company has destroyed the family photos on an employee’s phone.
BYOD has gone mainstream, but with it come new adjustments. At first it was about protecting corporate data; now it includes employee data as well.
Edited by Blaise McNamee