As we continue on our discussions around BYOD, one topic that comes up time and again is the potential issues around these mixed use devices. The mixing of personal and professional data creates some questions and issues that really do bear some analysis and discussion before making any final decisions regarding BYOD in your business. Last month I mentioned one such issue, access to ex-employees by customers. This is one fairly critical question for anyone in a business where your staff is the key point of contact, and the staff is providing the service the client is paying for. If an employee leaves with their own phone and phone number, and perhaps goes off to a competitor to continue in the same line of work, you may have just enabled a customer to take their business over to the competitor by granting them easy access. Something to consider!
But, there are certainly other considerations, and some of them are far more employee centric. What about personal privacy for the employee? What about data integrity of their data in the case of a remote wipe done upon termination? How will they feel if dozens of important pictures are lost forever? How will you feel about having to do that to maintain security?
There are some legitimate reasons why business devices and personal devices are kept separate. What people do with their own device is their business, but there are HR considerations that could come into play when your favorite employee has a screen saver on their laptop that is wholly inappropriate for work.
And of course, there are viruses... and there are web behaviors that most people deem appropriate for personal equipment that they would not deem appropriate for a work asset. And those riskier behaviors generally lead to more occurrences of viruses and other issues which cost your company time and money.
Again, these are YOUR decisions to make as a business person, and they are business decisions, not technical ones. The key is to have a plan, understand the risks, and put in place steps to remediate those risks.
All business concerns, not technical ones. All things to think about outside of the worries of the IT group.