Many IT Execs are faced with choices of BYOD, CYOD COPE, etc etc etc. Deciphering the best way to put wireless devices in employee’s hands is a tough call. Additionally, none of the information is simple and all parties involved can get very judgey about the right course of actions.
PART 4: “WHAT ELSE DO I NEED TO KNOW?”
Motorola gathered survey responses from 1,000 consumers. The study reported that two out of three respondents said they recognized that the onus was theirs to protect the information on their phones. A total of 73% said they are concerned about smart phone security, and would actually rather share a toothbrush than their phone! However, 48% of them said they have logged onto an insecure network for convenience sake rather than security. And that is despite the fact that 34% store sensitive data like passwords to work email profiles and personal bank information.
It appears that there is a big variance between what a CIO would consider proper safeguarding of proprietary information on BYOD compared to what the average employee understands.
There is a lot of interesting data regarding purchase of mobility services. Here are a few additional considerations:
- There are risk implications for those companies that require mobile device usage without paying for mobile phone usage. A court in California ruled favorably for employees of an organization who either did not provide full reimbursement for business use or who did not provide a stipend at all.
- There is risk of personal data being inappropriately shared – especially as it relates to company confidential documents and for HIPAA related information
- A study with Enterasys states that 90% of employees disable auto-lock for tablets and 75% disable it for Smartphones. This can be a security leak.
- About 37% of employees read work email on their personal devices every week, and more than one third said they used it for reading work documents, although the research noted that most did not want to use their personal devices
The Richmond Journal of Law and Technology Case Study, Wherever You Go, There you are (with your mobile device): Privacy Risks and Legal Complexities associated with [International] Bring Your Own Device:
Users are “responsible for safeguarding clients’ sensitive information and is under a high “duty of care” obligation… Client financial information is personally identifiable information and must be protected….polices need to be reinforced by ensuring that any device—whether a computer, tablet or smartphone—meets minimal security standards. Also, the company needs to be aware of U.S. Securities and Exchange Commission (SEC) litigation against firms that are negligent in providing duty of care, as it could be the next target. Some financial firms have been targets of class action suits that led to millions of dollars in damages”
So, there’s lots to consider, but be aware of the issues and allow yourself to make smart, informed decisions.
And as always, if you have questions, feel free to contact us because we are …..STILL protecting your Wireless Rights………