Ed note: This post originally appeared on Peter S. Vogel’s Internet, Information Technology & e-Discovery Blog.
A recent survey about BYOD (“Bring Your Own Device”) resulted in the finding that “78% of employees use their own mobile devices for work” and “the use of personal technology to access corporate data can be solved by better communication between both parties regarding security, data and privacy concerns.” On July 10, 2014 Webroot issued its BYOD Security Report entitled “Fixing the Disconnect Between Employer and Employee for BYOD (Bring Your Own Device)” which included these key findings:
- Although 98% of employers have a security policy in place for mobile access to corporate data, 21% allow employee access with no security at all.
- Over 60% of IT managers surveyed reported the use of personal devices by their employees and 58% indicated they were ‘very’ or ‘extremely’ concerned about the security risk from this practice.
- Most employee devices are lacking real security with only 19% installing a full security app and 64% of employees limited to using only the security features that came with their devices.
- Over 60% of employers indicated they seek employee input on mobile device security policies, but over 60% also said employee preference has little or no influence on mobile security decisions.
- Top concerns from employees regarding a company-mandated security app include employer access to personal data, personal data being wiped by an employer, and employers tracking the location of the device. Other concerns included impact on device performance and battery consumption.
- 46% of employees using personal devices said they would stop using their devices for business purposes if their employer mandated installation of a specific security app.
Webroot proposed these BYOD Bill of Rights:
1. Privacy over their personal information
2. Be included in decisions that impact their personal device and data
3. Choose whether or not to use their personal device for work
4. Stop using their personal device for work at any time
5. Back up their personal data in the case of a remote wipe
6. Operate a device that is unencumbered by security that significantly degrades speed and battery life
7. Be informed about any device infections, remediation, or other activity that might affect their device’s performance or privacy
8. Download safe apps on their personal device
BYOD privacy issues continues as headline news, which is likely to continue given the increasing use of BYOD by employees.
“Peter S. Vogel’s Internet, Information Technology & e-Discovery Blog is part of the LexBlog Network (LXBN). LXBN is the world’s largest network of professional blogs. With more than 8,000 authors, LXBN is the only media source featuring the latest lawyer-generated commentary on news and issues from around the globe.”