Bring Your Own Device (BYOD): Challenges for Employers
With the explosion of new handheld mobile devices such as the iPad, many employees want to use their devices in conjunction with their work. Many employers find this attractive; it reduces IT budgets and allows workers to use platforms with which they are familiar. For this reason, many employers allow employees to “Bring their Own Device,” or BYOD.
The statistics demonstrate that BYOD is a growing trend. According to a recent study by Cisco, 78% of employees use their own device in connection with their work, and 70% of organizations allow employees to use their own devices. However, despite this increase in BYOD, few employers have policies in place to govern this arrangement. In fact, another study by F5 Networks, Inc. estimated that 75% of organizations do not have a BYOD policy.
BYOD presents a wide array of potential problems for employers. One of the most serious concerns is security; lost or stolen devices could contain a significant amount of confidential or proprietary information. Even more troubling, a lost or stolen device with few security safeguards could allow an outsider access to the entire IT infrastructure of the organization.
Security is not the only concern. Allowing BYOD invites a host of privacy concerns; if employees are using their devices for a blend of work-personal communications and activities, disputes may arise between the organization and its employee if the organization wishes to access the device or monitor its use. When an employee leaves an organization, they will take their device with them. When they do so, their former employer may find it difficult to access the device to ensure that all company information is deleted.
A BYOD policy may also increase an employer’s exposure to harassment allegations if employees use their mobile devices to harass or stalk other employees. If employees misuse devices that are under the supervision and control of the employer, an employer could face liability for this misuse.
Many of the problems outlined above may be addressed through a well-crafted BYOD policy. A BYOD policy should address issues such as:
- Who is responsible for maintenance and cost of the mobile device?
- An agreement on the part of the employee to remove any applications identified by the employer
- A plan for lost or stolen devices
- Clarification of employee privacy on the device, both during and after employment
- Employer expectations for responsible use of the device
A BYOD policy must be customized to the employer and the unique circumstances under which the BYOD policy operates. Taking the time to develop and implement such a policy is a responsible step that any organization should take before BYOD presents a problem.