While mobility trends such as BYOD are not necessarily new phenomena in the IT landscape, the risks associated with these mobile techniques and tools are still being uncovered by eager adopters in every corner of the public and private sector. Government agency officials and business leaders alike have encountered their own unique roadblocks on their way to total mobile integration, and recent developments in the news have shown that risk can arise from the most unpredictable sources.
Decision-makers must keep their eyes peeled for potential pitfalls and use MDM solutions in a way that proactively addresses unlikely problem areas. This means looking into the legal issues that can arise from the use of personal devices in the workplace, and the privacy concerns that still keep some employees and administrators wary of these technologies.
Precise policies are key
When it comes to the development of a BYOD policy, IT administrators and high-level leaders must make themselves unmistakably clear about best practices and the protocols that employees must uphold when using personal devices both inside and out of the workplace. As a recent article from FierceMobileIT pointed out, a failure to construct strong, coherent policies can come back to bite an organization if even a minor mistake is made by an employee or other IT stakeholder.
The source highlighted the story of Saman Rajaee, Houston employee of construction firm Design Tech, who accessed work-related files and applications on company servers using a personal device. Upon his resignation from the company, Design Tech wiped his device clean - personal information and all - costing him a reported $100,000 in lost personal project information and business contacts. The organization was then sued for damages, falling under major scrutiny in light of legislation such as the Stored Communications Act and Computer Fraud and Abuse Act.
"Employers using a BYOD environment really need to put a BYOD policy in place," said Brian Hall, an attorney with Porter Wright Morris & Arthur LLP, according to the source. "Had Design Tech had such a policy, it could have - and indeed, should have told its employees, including Rajaee, that upon separation of employment (or, for instance, also if the device is lost or stolen), any device used to access the employer's network would be wiped."
While Design Tech was not found guilty of breaking any laws, FierceMobileIT explained that the repercussions of weak or absent BYOD policies are obvious and hazardous. Organizations should build their policies from the ground up with the assistance of a dedicated mobile device management service provider.