Obstacles surround Bring Your Own Device movement
Medical professional using a tablet computer Purchase photo reprints »
Just recently, my iPad tablet was stolen from my car. At the time, I had it powered on with my business email account open. Within an hour, I was able to get my service provider to remotely wipe it clean of all data.
While I lost the information and photos I had on the tablet when I wiped it clean, doing so was my choice to make. But in some workplaces, the decision wouldn’t have been mine. An employer could have made it for me.
Mobile is here, and it’s hot. But as more employers embrace the “bring your own device” movement, or BYOD, questions abound over whether the workplace and the worker are ready for the heated issues that are cropping up. Concerns with using personal devices for business purposes range from expectations of personal privacy to how to control security breaches.
“BYOD is like the Wild West — rules are being created and changed on the fly,” said Ilan Sredni, an information technology expert in Miami.
A variety of dynamics are driving the trend. Workers are more satisfied when we use our own preferred devices, and using our own tablets, smartphones and laptops saves an employer money in buying and maintaining equipment. And many employees want the latest gadgets and ability to balance their work and home lives on their own devices.
At some Broward Health System hospitals in Florida, doctors roam the facilities with their own laptops and tablets, updating patient orders and scouring records online. Jean-Jacques Rajter, a Fort Lauderdale, Fla., pulmonologist, said it’s an advantage to have a portable computer at your fingertips to show an image to a patient with a tap on the screen. He uses a laptop that converts into a tablet, enabling him to review his patients’ office and hospital charts at the same time. He accesses information through a Citrix program that stores information in the cloud, he explained. “No patient information is housed on the device.”
Of course, the hospital has taken security precautions and encrypts the doctor’s personal device so if it is lost or stolen, it will be wiped clean remotely to protect patient privacy.
While the hospital has a formal BYOD program, other businesses are allowing it on a more individual basis. And with the surge in smartphone and tablet popularity, employees are bringing their devices to work and tapping into company networks, whether employers permit it or not.
Some organizations are tackling security concerns aggressively, requiring employees to install company-issued security or antivirus software on personal devices. Others take it further, blocking workers from downloading certain applications or using the camera on their devices during the business day.
The most important thing a business can do is have a policy around use of personal devices and make employees aware of the sanctions for breaking it, said Mark Stein of Higer, Lichter & Givner in Aventura, Fla., an intellectual property lawyer.
“The policy has to be relatively easy to enforce and enforced uniformly,” Stein said. That can be a challenge. A Cisco Systems survey of global information technology professionals and young workers found 71 percent of Gen Y workers said they don’t obey IT policies.
Stein says most risk will come from activities employees do on their phones that have nothing to do with their jobs, such as posting on social media sites. A policy could ban using the corporate network from a personal device or give the employer the right to search a personal device. It may also need to address who the information on the device belongs to if the worker leaves or gets fired.
“There is not a one-size-fits-all model for policy around BYOD, but if a business isn’t dealing with it yet, it will have to at some point,” Stein said.
Clients are stepping into the conversation, too. The country’s biggest banks and financial institutions are conveying an anti-BYOD message to their law firms, accountants and service providers.
Recently, the global chief operating officer of Goldman Sachs’ legal department said he is concerned over a potential breach in confidential financial information and doesn’t mind if his lawyers have personal smartphones in their pockets — he just doesn’t want them to use the same devices for business.
Home Financing Center of Coral Gables, Fla., a mortgage lender, has a similar concern over keeping customers’ personal information confidential. It has blocked employees from accessing company information from a personal laptop or mobile device and it restricts employee use of personal cellphones at the office to emergencies only, said John R. Allen, vice president of operations.
The biggest issues around BYOD may be the ones the employees themselves raise. Does the information on personal tablets or phones go with them to new employers? Does the boss even need to know you’re using your personal devices for work purposes, and if he learns, can he access information on it? And, of course, the ultimate concern is whether employees are owed overtime for their off-the-clock use of mobile devices.
Niza Motola, special counsel with Littler Mendelson in Miami, said that the BYOD trend has made it evident that with the rapid advance of technology, the laws and workplaces haven’t caught up. “The lines are blurred on what’s personal and what’s professional at work, and that’s only going to get more obvious.”