Show These days, most employers can’t keep pace with technology as nimbly as their workforce can. That’s why many forward-thinking companies are now adopting bring-your-own-device (BYOD) policies that allow employees to work on their personal laptops, tablets and smartphones instead of on company-issued equipment. The BYOD trend has been driven in part by Millennials in white-collar positions who have come to rely on using their own technology for both work and play. While asking people to bring their own devices can lower costs and improve efficiency, effectiveness and morale, it also raises a host of security and legal compliance concerns. Fortunately, most of these concerns can be addressed through a well-crafted policy. Concerns From the employee perspective, the biggest concern is that BYOD practices could lead to a loss of employee privacy. Workers may worry that their company will have inappropriate access to their financial and health data, as well as to their personal photographs, videos, contacts and other information—and that they could lose all that information if the company attempts to remove or “wipe” business information from the worker’s device, which typically happens after a person’s employment has concluded. On the employer side, the primary apprehension is related to security. For example, personal devices might not have an automatic lock code or timeout function, and many people do not use passwords to protect their laptops, tablets and smartphones. Equally troubling are worries that employees may connect to their devices via unsecured Wi-Fi hotspots, share them with others or simply lose them. All of these possibilities raise the risk for the unauthorized disclosure or destruction of business data. But other legal problems could crop up as well. For instance, allowing people to use their personal devices for work may make it easier for them to defame the company, their co-workers, customers, vendors, competitors and others or to unlawfully harass their co-workers or subordinates—whether via social media, texting or good, old-fashioned phone calls. Employees using their personal devices may feel more at ease to engage in such inappropriate activity than they would on company-provided equipment. Moreover, if nonexempt employees are asked to use personal devices for work, the employer opens itself up to exposure under the federal Fair Labor Standards Act and state overtime and wage payment laws. Since nonexempt workers will have ready access to the technology, they will be in a position to respond to e-mails and text messages or to otherwise engage in work activities outside their scheduled work hours. Expense reimbursement is another headache. Is a company obliged to pay for the costs incurred in connection with the use of a personal device for work? It depends on state law. For example, California Labor Code Section 2802 imposes broad obligations on employers to cover their employees’ business expenses, which could include at least part of the costs of a wireless voice and data plan if the employee is permitted or required to use a personal device for work. Employers also face challenges in terms of ensuring that business records stored on an employee’s personal device have been saved long enough to satisfy electronic discovery requests during litigation. Failing to retrieve information stored on a worker’s personal device that should have been produced may lead to severe adverse consequences for the employer in the underlying litigation. Key Policy Features To address these challenges, employers should develop and disseminate a comprehensive BYOD policy. A good policy will take into account the concerns of both the company and its employees. There is no one-size-fits-all approach. What works best for a particular employer will depend on the employer’s business, the available IT support and the type of data that needs protecting. However, there are some key features to consider when crafting your policy:
While BYOD policies raise some thorny issues, they can work well when employers balance security, compliance and privacy concerns. The key is being thoughtful and collaborative in your approach. Paul G. Lannon is an attorney at Holland & Knight in Boston. Phillip M. Schreiber is an attorney at Holland & Knight in Chicago. Is a business policy that permits employees to use their own mobile devices to access company computing resources and applications?BYOD (bring your own device) is a policy that allows employees in an organization to use their personally owned devices for work-related activities. Those activities include tasks such as accessing emails, connecting to the corporate network, and accessing corporate apps and data.
What is BYOD and why is it important?BYOD is an evolving practice where organizations allow employees to use their personal devices for work-related activities. Companies that leverage BYOD usually allow employees to use their own laptops and smartphones at the workplace rather than strictly requiring them to use company-owned and IT-managed devices.
How does BYOD work?Bring your Own Device (BYOD) is the set of policies in a business that allows employees to use their own devices – phone, laptop, tablet or whatever – to access business applications and data, rather than forcing employees to use company-provided devices for that purpose.
Which type of attacker hacks computers or websites in an attempt to promote a political ideology?A hacktivist is a hacker activist, someone who attacks computer systems for political reasons.
|