Concerned about Privacy? BYOD Might Not Be for You.
When you interview for a new job, what are some of the things you’re concerned about? Sure, you want a good salary, decent benefits, a challenging work environment and great co-workers, but if you are like many people, you might be concerned about whether you can use your personal smartphone or tablet for your work.
Being able to bring your own device to work offers many positive benefits. When you use your own phone, you’re using one that you are comfortable and familiar with – and you don’t have to carry around extra electronics for work. If you have some downtime at work, you can use your personal phone to access your private e-mail, social media accounts, or make calls and texts. For many people the added bonus is that, perhaps, your employer is footing at least some of the bill for your service.
But even with all of these benefits to employees, what many people don’t realize is that when you use your personal device for work, you might be giving up a certain level of privacy and control. It’s important that you understand these issues before you enroll in your company’s BYOD program or you could be in for an unpleasant surprise down the road.
Where’s All My Stuff?
Imagine this: you’ve taken thousands of photos of your new baby on your iPhone. One day you try to pull up the latest shot of Junior chewing on his toes to show your co-worker – and it’s gone, along with all your text messages, contacts and apps. You panic, trying to figure out exactly what happened.
And then you remember: you use your phone for work and your employer has the ability to wipe your phone, when they suspect a security breach. Depending on your company’s system, a suspected security breach could be anything from multiple incorrect password attempts to a new app that contained malware.
The lesson here is simple: before you agree to use your own device on your company’s network, read the policy carefully, taking note of any procedures in the event of a security breach. Many companies will automatically lock your device or remove data if they suspect that the device has been lost or stolen – and when you leave the company. If you have information that you do not want to lose, such as a contact list or photos, perform regular backups to prevent total data loss.
But that App is So Cool!
Another potential area of concern for those who use personal devices governed under a Mobile Device Management plan are the apps that they can and cannot add to their devices. While, in general, apps purchased from reputable sources, such as ITunes, are free of malware that could lead to security breaches, apps downloaded from other sources can create security risks. Android apps tend to be a greater risk than those for Apple devices, but there’s always a chance that cool new game will be banned by your employer.
If you use your device for work, understand that you might face restrictions on the apps you can add to your phone – and when you download apps from unknown sources, you could be putting your company at risk.
Depending on your company and their MDM policy, when you use your phone for work you could be exposing all of your personal data to your employer. Some BYOD security policies allow your company to monitor all activity on the phone, meaning that the private text message you sent to a friend could become public knowledge, if your employer needs to examine the data on your phone as part of an investigation related to the company. You need to know exactly what your employer can access, how they will use your personal data and how they will protect your personal data that’s accessed via your phone. Because BYOD is a relatively new phenomenon, the laws and restrictions governing the use of personal data are still in the early stages, but at minimum, you should know how your data can and will be used.
Using your own smartphone or tablet at work can help you stay both productive and happy. However, before you hand over your phone details to your employer, understand the privacy implications of doing so. If you have concerns, discuss them with your IT security managers – or consider using a company-sponsored device instead.
About the Author: Blogger Kevin Garrison writes about privacy and security issues in the IT field. A certified Internet Security professional, he consults with organizations making the switch to BYOD on developing appropriate privacy policies.