As smartphones (iPhone, BlackBerry) and tablets (iPad and Kindle Fire) become more popular, employees are increasingly asking if they can use their own devices for work.
Whether employees use these devices for work full-time or just to take work home to check email after hours, many employers are recognizing the advantages of giving them a nod. It can boost productivity and employee satisfaction as well as reduce capital equipment expenses.
In a recent survey, 75 percent of responding organizations said they allow employees to use their own mobile devices for business. Some companies even provide a stipend for the purchase of such devices and/or pay the monthly service fees.
But on the down side, there are some threats to data confidentiality and security with personal devices, and employees are required to give up a measure of privacy.
When an employer provides employees with a mobile device, their IT department equips it with software to protect it from thieves and hackers. This is not always the case with personal devices. When employees leave the company, they are required to return all company-owned equipment. Not so with their personal mobile devices.
If you let employees use their personal devices for company business, here are some suggestions to protect your assets:
- Insist on the installation of a security package, including password protection, encryption, automatic lock-out after several failed log-in attempts, automatic log-out after a period of inactivity, anti-virus and anti-spam protection, and remote “wipe” capability, which wipes the device’s memory clean.
- Get employees’ written authorization to issue a remote wipe command if the device is lost or stolen and have them sign a release of liability for any loss of personal data that ensues.
- Get employees’ written consent to access the device for legitimate business purposes.
- Plan how to retrieve proprietary information when employees leave the company. One way is to include a review and deletion of company data as part of the exit interview. For hostile terminations, you may need to do a remote wipe command.
A separate issue involves employees’ personal use of devices for non-work purposes during business hours – such as sending personal emails or texts, recreational Internet surfing, etc.
Policies vary, depending on the nature of the work, the setting and the work force. Obviously, use of personal devices should be prohibited where it could be a hazard, such as manufacturing or transportation.
At the other end of the spectrum, a professional work force may require only a general statement, if anything, such as, “The use of personal electronic devices for non-work purposes during business hours should not be excessive nor interfere with work.” A middle ground might be to restrict the use of such devices to breaks or urgent communications.