BYOD policies are growing in popularity as the number of devices we carry continues to grow. BYOD stands for Bring Your Own Device. Employers and employees alike are increasingly pushing for BYOD policies in the workplace.
“Basically, it lets employees use their own device to connect to the company network.” Jason A. Storipan explained in a recent BLR webinar. Doing so can have a lot of benefits, such as shifting costs of technology to the employees. It also may allow the use of new technology in the workplace sooner—whenever an employee upgrades their device. In other words: it means allowing the employees to use cutting edge technology at work without requiring the employer to incur the costs or do the updates.
But it can also cause headaches. Security concerns top the list, but it doesn’t stop there. How can an employer craft a BYOD policy to minimize risks?
BYOD Policy Tips
“You want to make sure that there is a policy governing BYOD before it’s allowed or as soon as it’s put into place.” Storipan advised. Here’s what to include in the policy:
- “Language reducing any expectation of privacy and monitoring if being done of the company network and server—just like anywhere else or any other type of technology policy.” Storipan noted.
- Language advising that access is a privilege and explaining what acceptable use is (or, alternatively, advise what would cause the company to sever company network access).
- What to do if the device is lost or stolen.
- Security requirements. Can the employer ask for passwords? Must auto-lock be set up? Will you prohibit the employees from disabling security measures? Are there specific configuration requirements?
- What happens when the employment relationship ends? Will wiping the device also remove their personal data (possibly without notice)?
- Restrictions on use of the device, such as use by children.
In addition to these items, be sure to connect the BYOD policy to other related policies such as harassment, trade secrets/confidentiality, and social media.
Be sure to fairly and consistently administer discipline for violations of both the other policies and the BYOD policy. Discipline for compromised data, for example, should administered whether it happens on the employee’s electronic device or elsewhere.
For more information on implementing a BYOD policy, order the webinar recording of “From Smartphones to Google Glass: What Employers Must Know About E-Monitoring in the Workplace.” To register for a future webinar, visit http://store.blr.com/events/webinars.
Jason Storipan is an associate in the New Jersey office of Fisher & Phillips LLP. His practice involves representing employers in all types of labor and employment disputes and assisting and advising clients in pre-litigation matters.