Scarinci Hollenbeck, LLC

201-896-4100 info@sh-law.com

Data Security Spotlight: Could BYOD Mean Bring Your Own Disaster?

Author: Scarinci Hollenbeck, LLC|September 12, 2014

Data Security Spotlight: Could BYOD Mean Bring Your Own Disaster?

New Jersey businesses are increasingly allowing employees to use their own devices to perform work tasks, such as responding to client emails, scheduling meetings, and preparing reports. The practice even has its own catchy moniker, “BYOD.”

While carrying a single device may be convenient for workers, many businesses and their employees fail to appreciate the risks of BYOD. Moreover, an organization’s lack of proper policies and procedures can greatly increase the risk of data breaches and other security concerns.

According to a new report from Webroot, a leading provider of real-time threat detection, more than 60 percent of IT managers surveyed reported the use of personal devices by their employees, and 58 percent indicated they were “very” or ”extremely” concerned about the security risk from this practice. The cause for concern is warranted. The survey also found that most employee devices are lacking real security with only 19 percent reported installing a full security app and 64 percent of employees admitted to using only the security features that came with their devices.

To balance the convenience of BYOD and the risks, New Jersey businesses are advised to adopt comprehensive data protection policies and employee training. At minimum, a BYOD[1] policy should include:

  • Electronic use policy: Employees should be advised that the company’s electronic use policy applies equally to employee-owned devices.
  • Privacy disclaimers: The policy should clearly state that workers lose their right to privacy when a device is used for work purposes.
  • Password protection requirements: Employees should be required to enable password protection on any BYOD.
  • Remote access authorization: The policy should articulate the circumstances under which the employer has the right to physically and/or remotely access the device.

Of course, a BYOD policy is only effective if employees follow it. As highlighted by Webroot, “[i]nvest in educating employees about the risks associated with mobile devices and the benefits of securing devices. An informed user is more likely to buy into BYOD security requirements.”

If you have any questions about this study or would like assistance with your data security efforts, please contact me or the Scarinci Hollenbeck attorney with whom you work. To learn more about data privacy and security, visit eWhiteHouseWatch (http://ewhwblog.com).

Data Security Spotlight: Could BYOD Mean Bring Your Own Disaster?

Author: Scarinci Hollenbeck, LLC

New Jersey businesses are increasingly allowing employees to use their own devices to perform work tasks, such as responding to client emails, scheduling meetings, and preparing reports. The practice even has its own catchy moniker, “BYOD.”

While carrying a single device may be convenient for workers, many businesses and their employees fail to appreciate the risks of BYOD. Moreover, an organization’s lack of proper policies and procedures can greatly increase the risk of data breaches and other security concerns.

According to a new report from Webroot, a leading provider of real-time threat detection, more than 60 percent of IT managers surveyed reported the use of personal devices by their employees, and 58 percent indicated they were “very” or ”extremely” concerned about the security risk from this practice. The cause for concern is warranted. The survey also found that most employee devices are lacking real security with only 19 percent reported installing a full security app and 64 percent of employees admitted to using only the security features that came with their devices.

To balance the convenience of BYOD and the risks, New Jersey businesses are advised to adopt comprehensive data protection policies and employee training. At minimum, a BYOD[1] policy should include:

  • Electronic use policy: Employees should be advised that the company’s electronic use policy applies equally to employee-owned devices.
  • Privacy disclaimers: The policy should clearly state that workers lose their right to privacy when a device is used for work purposes.
  • Password protection requirements: Employees should be required to enable password protection on any BYOD.
  • Remote access authorization: The policy should articulate the circumstances under which the employer has the right to physically and/or remotely access the device.

Of course, a BYOD policy is only effective if employees follow it. As highlighted by Webroot, “[i]nvest in educating employees about the risks associated with mobile devices and the benefits of securing devices. An informed user is more likely to buy into BYOD security requirements.”

If you have any questions about this study or would like assistance with your data security efforts, please contact me or the Scarinci Hollenbeck attorney with whom you work. To learn more about data privacy and security, visit eWhiteHouseWatch (http://ewhwblog.com).

Firm News & Press Releases

No Aspect of the advertisement has been approved by the Supreme Court. Results may vary depending on your particular facts and legal circumstances.