The blurry controversy over public vs. private in the workplace just keeps growing. There are
questions like whether your employees can rag about you on Facebook, and whether you can root around in candidates’ social media to find people who have the inside dirt on them. And then there is Bring Your Own Device, otherwise known as BYOD.
On its face, of course, BYOD is a brilliant solution to excessive complexity. In a BYOD workplace you have one phone, one laptop, maybe one other device. You’re not constantly juggling and charging and programming and upgrading two sets of devices. A business owner doesn’t have to shell out thousands and thousands of dollars for individual devices and data plans and insurance plans and so forth. That part seems obvious. But then, there’s the other side.
One big question, of course, is security. If your employees can use personal devices for work, you have to determine how you’re going to keep work data and documents protected. This might mean you store all data and documents in the cloud—a prospect that worries some organizations—and employees can’t download it, only access it with a password that can be locked out if necessary. Some organizations feel a lot better with some data on their own servers or hard drives. And even if employees can’t download documents, it doesn’t stop them from taking screenshots. Also, what happens if an employee decides to download some new app that turns out to be spyware or malware? Can a company remotely wipe the phone if that happens, or the employee reports it stolen? Finally, if some sensitive information does leak, is the employee more legally responsible if it leaks from his personal phone? If the device belongs to the organization, all those questions are answered by company policy, i.e: “No, you can’t play World of Warcraft on your company-issued mobile device.” But if it’s a personal device, the company has far less to say.
It’s a double edged MYOB: The business owner is minding his own business by monitoring the employee’s device, while the employee’s idea of “Mind your own business” is something else entirely.
Employees are no more likely to hand over control and access to their personal phones than companies are to give total control of their data to employees. It doesn’t feel good to have a company imposing policies on a phone the employee bought and paid for and that they use for personal communication as well as work. And while we’re on that topic, who pays for the minutes? Can employers require employees to have unlimited minutes? Do they get to monitor minutes to assess which ones they pay for?
Then there’s the issue of the formatting of information. Some types of documents work with iPhones and not with Androids. Somebody has to be in charge of getting everybody on the same page and make interaction seamless over a variety of devices.
BYOD is doable but it requires forethought and agreements with employees over control and privacy. One organization that uses BYOD is, get this, the White House. WhiteHouse.gov suggests possible options for parameters around devices that include:
- Virtualization: Provide remote access to computing resources so that no data or corporate application processing is stored or conducted on the personal device;
- Walled garden: Contain data or corporate application processing within a secure application on the personal device so that it is segregated from personal data;
- Limited separation: Allow co-mingled corporate and personal data and/or application processing on the personal device with policies enacted to ensure minimum security controls are still satisfied.
But that doesn’t tackle the issue of doing things on one’s phone that are, shall we say, inappropriate for the workplace.
BYOD may be the wave of the future. After all, keeping one set of gadgets charged up and virus free is hard enough. But organizations really need to wade through all the questions first and get employee buy-in before they travel too far down that road.
We work with companies on a project basis or on retainer, providing a custom level of HR help designed for your business, with offices in Austin, San Antonio, Dallas and Houston. Contact me at Caroline@valentinehr.com or call (512) 420-8267.