Iowa Banking Law Blog
BYOD (“Bring Your Own Device”) – What Is It and Why Employers Should Care
Apr. 9, 2013 – Janet E. Phipps Burkhead, Iowa Banking Law Blog, Iowa Employer Law Blog
Co-authored with Sara Laughlin
We all have one – at least almost everybody. What do we all have? A mobile device we carry everywhere to stay connected. This also means employees, as well as contractors and temporary workers, are carrying their mobile devices to your workplace.
BYOD is more than a trend now; it is a way of life for employees and employers. Why should employers care that employees and other workers bring their mobile devices to work? Because BYOD presents significant implications for employers. Odds are good that employees are using their personal devices to access company data, with or without, the company’s permission. Data security in the BYOD context is especially concerning for financial institutions and health care employers, but also implicates any employer storing social security numbers, financial and health information, confidential and/or proprietary information, and trade secrets.
If you don’t have a BYOD Policy, it is strongly encouraged to put one in place. There are several considerations in developing and writing a policy:
Additionally, there may be business-specific considerations that need to be addressed in a BYOD Policy:
Even with all the above, consideration must also be given to an employee’s mobile device when an employee leaves the company. These include adding to the HR checklist and employee’s exit interview a reminder to wipe the employee’s device. A plan should be in place to remotely wipe a device in the event of a quick departure by an employee. Additionally, an employee’s access to company email, contact lists, and other company data should be disabled upon the employee’s departure or even sooner.
It is safe to say that mobile devices are here to stay and that employees will bring their devices to work whether or not authorized for use. To protect the company, a written BYOD Policy is essential so that employees have clear expectations on the use of their mobile devices in the workplace.