Does BYOD leave your organization at risk when an employee leaves the company?

Does BYOD leave your organization at risk when an employee leaves the company?

Everyone has a smartphone or tablet these days. Most organizations, in an effort to reduce costs and increase employee satisfaction, are embracing the Bring You Own Device (BYOD) strategy. BYOD allows employee owned devices to connect to the corporate infrastructure - mainly encompassing Email, Sales databases, Customer Information and Corporate Strategy documents. While making it easy for employees and improving the bottom line - what happens to all that data when an employee leaves the company (or is terminated)? Do you trust the employee to delete everything or do you watch over them when they do? Are you checking their backups?

In most email systems today - there's a remote wipe feature available to administrators - but many times business owners are reluctant to use this because they are not sure of what their reach is. Will it wipe out that one and only picture of their child sliding down the slide? Or some other critical contact information?

As part of any BYOD policy you are thinking about implementing, you need to make sure of the following

  • Do you know if your email server or mobile device management system have a remote wipe feature?
  • How much data does it wipe from the device?
  • Do employees back up their device - where are those backups stored?
  • Does their phone have the ability to separate work and personal areas on the phone?
  • What systems does the employee access on their phone?
  • What is your WRITTEN policy on data ownership?
  • What is your WRITTEN policy and procedures on BYOD (and does the employee know)?

So my advice is this - Make sure you know what your systems can do, make sure your employees know what you are going to do if their device to leave the company and make sure you have EVERYTHING documented.

Do you have a policy or procedure you'd like to share? Link to it here and we'll post them in updates.