47 THE AMERICAN LAW INSTITUTE Continuing Legal Education Preventing Employee Data Leaks: Policies, Procedures, and Practical Advice May 20, 2014 Telephone Seminar/Audio Webcast Is your mobile workforce exposing you to unseen risks? By Paul E. Starkman Pedersen & Houpt, P.C. Chicago, Illinois Permission to Reprint from Multibriefs (http://exclusive.multibriefs.com)
48 MultiBrief: Is your mobile workforce exposing you to unseen risks? Page 1 of 6 HOME INDUSTRIES ABOUT CONTACT Is your mobile workforce exposing you to unseen risks? Paul Starkman Friday, February 21, 2014 0 COMMENTS Share this article Bring-your-own-device (BYOD) to work has fast become a popular trend. Employees often prefer to use a single smartphone, laptop and tablet for both work and personal use, claiming they are more productive when they can access email and other corporate resources at any time and from anywhere. Initially, companies embraced BYOD as a workforce management strategy that fulfilled employees' demands for flexibility while lowering telecommunication expenses. Now it's become clear that BYOD also comes with many business risks that require further review, evaluation and action to reduce growing concerns with security, compliance and privacy issues. Employees are quick to download unapproved, third-party apps to track their calendars and expenses, and they utilize cloud-based storage sites like Dropbox to store work documents. But easy and convenient mobile access to corporate email and intranet also exposes
MultiBrief: Is your mobile workforce exposing you to unseen risks? Page 2 of 6 49 companies to the risk of security breaches, data theft, compliance violations and the gray areas that are emerging around employee privacy, wage and labor laws. The kicker is that in many cases, the anticipated cost savings of BYOD have largely turned into increased IT expenses to support users and increased mobile device security. Regardless of these risks, the mobile workforce is here to stay. According to Gartner, a leading information technology research firm, by 2018 the size of the mobile workforce will more than double. Most of the companies surveyed by Symantec, the information security giant, allow employees to use personal mobile devices for business purposes and also accept the probability that they will experience a mobile security incident as a result. Mobile device use and management is a dynamic trend. Set your policies and design your security architecture around these broad areas: 1. Share responsibility Update your mobile device policies to engage employees in shared responsibility for protecting corporate data. Many of today's mobile security policies are often limited to employees who access the corporate network through devices that are company-owned. Review, update and extend those policies to include employee-owned hardware usage. Regardless of who owns the device, an effective policy includes a user agreement that clearly defines employee eligibility, usage, approved devices and platforms. 2. Maintain balance Balance flexibility with confidentiality and privacy requirements. To regain control over mobile devices, companies are developing novel models like COPE (company-owned, personallyenabled) and CYOD (choose your own company-owned device). Other employer responses include using new technology that provides secure portals to corporate data and allows remote monitoring and wiping of confidential information from even employee-owned devices. These plans may give employers more access to mobile devices, but they are not foolproof. If you allow personal use, then you're blurring the lines between corporate confidentiality and employee privacy. Even if your policies eliminate the expectation of employee privacy, companies should not cross into password-protected personal accounts, websites and social media. 3. Protect what's yours
50 MultiBrief: Is your mobile workforce exposing you to unseen risks? Page 3 of 6 Protect your intellectual property and confidential corporate data. In the mobile device universe, at most risk are your valuable corporate assets like intellectual property, computer source code, proprietary research, client lists and confidential financial information. In a survey by Symantec, 50 percent of departing workers kept confidential corporate data and almost half of this pool said they would use this data in their new jobs. COPE and CYOD devices may offer some data security advantages, perhaps as a psychological deterrent. If nothing else, employees may be less inclined to steal proprietary information if they are using a corporate-owned device that is monitored. 4. Check with HR Carefully consider how your mobile device policy aligns with employee expectations. It's a good idea to involve HR in mobile device policy development. A federal court case in Chicago involving overtime claims by policemen for off-duty texting and calls using department-owned smartphones is only one of many that could have far-ranging implications about wage and labor claims related to after-hours mobile device use. One implication is whether employers must pay nonexempt employees overtime under the Fair Labor Standards Act (FLSA) for time spent reading and responding to email on their smartphones after work hours. Technology moves far faster than the law can keep up, and this case may be the tip of the iceberg when it comes to legal risks for employers from BYOD. Share this article About the Author Paul Starkman is a partner at Chicago-based law firm Pedersen & Houpt, where he leads its Labor and Employment Law Practice Group. A full-service business law firm, Pedersen & Houpt serves its clients' needs in the areas of corporate & business counseling, intellectual property, real estate & financing, litigation & dispute resolution, labor & employment law, creditors' rights, restructuring & bankruptcy, and wealth preservation.
MultiBrief: Is your mobile workforce exposing you to unseen risks? Page 4 of 6 51 Add a comment... Comment using... Facebook social plugin Related Industries Association Management Business Management, Services & Risk Management Civil & Government Communications Related Articles A crisis in leadership BYO: The new trend in media consumption Job search: Finding a world-class sales organization Plan your work and work your plan: 3 tips toward effective execution Iran's influence on the oil market and the fate of the US oil industry
52 MultiBrief: Is your mobile workforce exposing you to unseen risks? Page 5 of 6 Tweaking your tweets for repeat Are your staff members committed to their space? US as leading subsidizer of fossil fuels? Do estimates matter? Recent Articles Porsche 911 GT3 RSR starting the season off right The key to improving nurses employee engagement Housing market showing slow, steady growth Choosing the right bullets for predator hunting Don t let return policies put you at risk for fraud and abuse See your work in future editions YOUR CONTENT, YOUR EXPERTISE, YOUR NAME Your Industry Needs YOUR Expert Voice & We've got the platform you need Find Out How
MultiBrief: Is your mobile workforce exposing you to unseen risks? Page 6 of 6 53 Copyright 2014 by MultiView, Inc. All the text, graphics, audio, design, software, and other works are the copyrighted works of MultiView, Inc. All Rights Reserved. Any redistribution or reproduction of any materials herein is strictly prohibited.
54 2