First Reference company logo

First Reference Talks

News and Discussions on Payroll, HR & Employment Law

decorative image

BYOD: is personal information visible over corporate networks?

Employers are increasingly drafting and implementing bring-your-own-device (BYOD) policies for their employees. And they should be, since employees are increasingly using their personal digital devices—phones, tablets, laptops—to perform work, both in and out of the workplace.

First Reference recently published several sample BYOD policies as part of Information Technology PolicyPro (ITPP). A new chapter on BYOD covers:

  1. Acceptable devices and operating systems
  2. Systems access and acceptable use
  3. Security for personal devices
  4. Maintenance and support
  5. Employment agreements for BYOD participation
  6. Compensation

Image: Idea go |

There’s lots more to consider when it comes to employees using their personal devices for work, and we’ll be updating this area of ITPP regularly.

Employers might be tempted to implement policies that simply state the resources the employer will provide for employees who use their own devices, and outline how employees must conduct themselves when using those devices on employer networks or to handle work-related documents and information. But employees should also understand their employers’ obligations toward them, for instance how employers will treat personal information transmitted over corporate networks.

The United Kingdom’s Telegraph newspaper reported recently that many employees in the UK, Germany and the United States don’t trust their employers to stay out of their personal information when they use their own devices on employer networks. An online survey of 3,000 employees found only 30 percent of employees “completely trust” their employers to keep their personal information private.

At the same time, the survey found many employees are unclear about what information their employers can view when connected to corporate networks. More than 40 percent of survey respondents believed that their employers couldn’t access anything on their devices; 28 percent believed their employer could view messages and attachments in work-related email accounts; 22 percent believed their employer could see their work contacts.

Employers should be clear with employees about what information they have access to on an employee’s personal device, and when, if ever, they retain the right to access that information. Whether employers include these statements in a BYOD policy or a privacy policy, or in a separate binding document, they should make sure every employee who wishes to use their personal digital devices for work understands how the employer will treat their personal information.

Adam Gorley
First Reference Human Resources and Compliance Editor

Follow me

Adam Gorley

Adam Gorley is a copywriter, editor and researcher at First Reference. He contributes regularly to First Reference Talks, Inside Internal Controls and other First Reference publications. He writes about general HR issues, accessibility, privacy, technology in the workplace, accommodation, violence and harassment, internal controls and more. Read more
Follow me

, , , , , , , , , , , , , , , , , , , , , , , , , , ,

Comments are currently closed.