The Remote phone wipe of mobile devices by companies that use a BYOD Strategy (Bring Your Own Device) is now the number one complaint received by the National Workforce Institute, according to a recent article in the Wall Street Journal.
The article relates the experiences of several victims of this increasingly common workforce policy, and highlights the dangers inherent in the practice, both to the employees and to their employers.
What is a Remote Phone Wipe
The remote wipe is now used more and more often by companies to protect proprietary corporate data (check out our Law Firm Technology Risks ebook if you work for a law firm), contacts and documents that are accessed through their employees’ personal mobile devices. The IT department simply erases the information remotely, having gained access to the employees mobile device upon hiring. Once terminated, an employee’s phone can be returned to a blank slate. A remote wipe is the digital version of cleaning out your desk and turning in your rolodex, and it makes sense from a business standpoint – terminated employees shouldn’t leave with company property.
The Law of Unintended Consequences
The Law of Unintended Consequences is alive and well. That wipe also includes precious photographs, personal contacts, music, data, apps…both pre- and post-hire. If the data hasn’t been backed up, then it’s gone. And if that personal data was purchased by the employee – such as music, movies, apps – then that’s potential for a real problem.
Do we need a BYOD Policy?
If you are allowing – even encouraging – your employees to use their own mobile devices, then it is incumbent on you, the employer, to develop a BYOD Policy that reduces or eliminates your liability in the event of data loss.
Does my Company’s BYOD Policy Protect Against a Remote Wipe?
Most of the employees who have been wiped by a company admit that they may have clicked “agree” without full comprehension of what they were digitally signing. So those policies haven’t stopped the complaints. Long used to clicking the “I agree” button on the ubiquitous TOS agreements that pop up on any new application website, most employees are unwittingly agreeing to a remote wipe policy without bothering to read what it is they are agreeing to. In the rush of new-hire requirements, buried in the W-2 and Benefits sign-up, the policy has further-reaching consequences than new employees realize. In fact, the legality of these agreements is now being questioned, as the consequences to the policy infringe on personal property.
Why YOU Should Worry
According to the article, the legality of these agreements is likely to be challenged in the coming months. Computer trespass statutes may be applied in these situations. What is certain is that legal challenges will arise, as the BYOD movement is relatively new (two years, more or less) and unless a company is proactive now in their BYOD policy implementation, they could be vulnerable. No one wants to become a test case.
What YOU Should Do
Your Digital Assets need protection and your business should be secure from technology and legal risks. Review your BYOD plan on a quarterly basis to ensure that it is sufficiently monitored for your company AND your employees.