Employment expert explains what companies should know regarding ‘mobile device policies’ and keeping sensitive data safe
Two-thirds of Americans have smartphones, and nearly half of us use our phones for work purposes. That number is only continuing to increase, and 95 percent of organizations allow employees to use their phones for business tasks.
However, employment expert Rob Wilson says that some companies could be opening themselves up to lawsuits by not having a strict mobile device policy in their handbooks.
“If you enter a workplace in America, you are likely going to find most employees with their cell phone on their desk beside them,” says Wilson, who is President of Employco USA, a national employment-solutions firm with locations across the country. “And, when they go home at night or on the weekend, many of them will be performing work tasks via their phones, even if it is just to quickly check their work email.”
Wilson says while many employers view this as a win-win, there are some considerations that should be taken into account.
“Yes, when an employee uses their own phone for work purposes, you are going to save money,” agrees Wilson. “You won’t have to pay for multiple phones, and you won’t have to deal with the burden of fixing broken phones or replacing stolen phones. However, even if your name isn’t on the bill, you could still be paying a price.”
Here, Wilson outlines the concerns which could crop up when employees BYOD:
Employees accessing sensitive data via unsecured connections. “An employee who uses their phone for work could potentially put your company at grave risk if they send/receive information with sensitive client data, such as Social Security numbers, via an unsecured connection. For example, an employee who is on vacation may use their phone to send an important document which the contains personal information of your customers, and they do so by using the hotel’s wi-fi…this could spell major trouble as these public connections are very easy to hack,” says Wilson.
Employees taking company information and clients for their own. “In a perfect world, employees would always be honest, but of course, that’s not always the case. If an employee is using their own personal phone number to conduct business, they can siphon clients and intellectual property away from your company without you even being aware. The customer may not even have a corporate contact outside of this single employee they do business with, so if the employee leaves the firm, you may be left without a way to contact them. For industries like sales/marketing, it’s always good practice to provide your employees with work phones, so you have that phone number under your account and hence your control.”
Employees losing their phones. “Millions of us lose our phones or have our phones stolen,” says Wilson. “When it’s a phone on which work duties happen, this can be a major cause for concern. You have to think about whether this information has been backed up, whether crucial documents have been lost, and also who might now be accessing your company’s data.”
Wilson says that there are a number of things that employers can do to make sure that their information stays safe, while still optimizing employees’ time and energy by allowing them to BYOD.
“In today’s day and age, it’s just not realistic to expect employees in most industries not to use their phones for work duties,” says Wilson. “Rather than ban personal phones, employers need to create airtight mobile device policies which are included in the employee handbook and which employees sign off on upon reading. You should also have yearly meetings in which you remind employees of these policies, as wells as ensure that managerial staff is trained on these matters and know how to implement the policies.”
Wilson says that there are other smart things companies can do as well, such as separating their data in the workplace.
“At Employco, we have our internal computers on a completely different system than our wi-fi,” says Wilson. “This means that when we need to send personal information like SSNs, we can do so via our PCs on a secure network. It also means that when people come into our buildings and use our wi-fi, they aren’t on the same network on which our company-sensitive data is stored.”
For more on this topic, please contact Rob Wilson at rwilson@thewilsoncompanies.com.