There are many considerations businesses must take into account when developing a BYOD policy. One important thing to keep in mind: Make sure the policy protects the company from legal problems.
Employees are bringing their own mobile devices into work, whether the organization has official rules regarding BYOD or not. Therefore, it’s important for companies to develop a policy to help employees work with the devices that make them the most productive, while creating minimal risk for the organization.
Different sides will want the BYOD policy to accomplish different things. For example, IT will want the rules to protect information security as best as possible, while managers will be looking for productivity gains and Finance will want an approach that saves the company money.
But one goal all organizations should have is a BYOD policy that helps the company avoid the tricky legal problems that can occur when employees use their own smartphones, tablets and laptops.
For help, here are some BYOD policy tips detailed by the law firm Barnes & Thornburg in a recent blog post:
1. Determine ownership
In BYOD programs the employee, not the company, owns the device. That much is clear. But things get trickier when it comes to information. The policy should make it clear that even when data is accessed by an employee-owned device, the information still belongs to the company.
2. Establish privacy expectations
A BYOD policy should let employees know they shouldn’t have any expectations of privacy when using their own device for work-related reasons. However, the rules should also set guidelines for the company to avoid privacy breaches — for example, have a rule against managers reading employees’ personal email on their smartphones.
3. Plan for exiting employees
In addition to the rules about what current employees can do while using their own gadgets at work, it’s important to plan for what will happen when people leave the organization. The key is having a way to erase company-related information — so ex-employees don’t bring it to other businesses — while keeping personal data, pictures and other items intact to avoid claims of privacy violations.