In light of the growing adoption of BYOD, here are three questions both employees and employees should ask.
Globally, there is a growing trend towards adoption of bring your own devices (BYOD) arrangements in the workplace. Further, increasingly, employers are expecting their employees to use their devices, such as their mobile/cellular phones, smartphones, laptops and tablet computers, for the organisation’s work.
BYOD is prevalent in the Caribbean region, especially among micro, small and medium enterprises (MSMEs) that cannot afford to provide employees with a separate, company device. However, both the employer and employee ought to carefully consider BYOD prior its adoptions, as there could be far-reaching implications for both parties. Below are three key questions that should be asked.
1. How much are employers contributing for use of employee devices?
The days when employers would fully cover the cost of an employee’s mobile/cellular phone (the monthly payments) and service plan, are no longer the norm. Instead, they are more inclined to either give employees a stipend for using their phones for business purposes, or not contribute anything at all, on the premise that employees are solely responsible for maintaining their devices and plans.
In the Caribbean, where prepaid mobile/cellular plans tend to predominate, organisations may be more inclined to provide a small stipend to employees, especially junior staff, who frequently are not postpaid subscribers. Among larger firms, where here may have been the practice of giving senior management and executives company phones, the continued need for cost savings may cause such arrangements to be revisited. Similarly, for closed user groups, where members would be given a separate mobile/cellular phone, increasingly those groups may use an employee’s personal account/number, with the organisation making some contribution towards the service plan in use.
2. What happens to network security?
For organisations that have computer networks and try to ensure that they are secure, BYOD schemes can be extremely problematic in maintaining the integrity of those networks. Organisations do not have full control of the personal devices that are accessing their networks and their data, which could be commercially-sensitive or confidential. As a result, they can find themselves seriously compromised by seemingly innocent activities by not only the device owner, but also their families.
The security challenges tend to be one of the greatest deterrents for organisations adopting BYOD schemes. On the other hand, for those that need their employees’ to use their own resources (devices) to further the organisation’s work, they may be prepared to accommodate a less secure network for what they perceive as the greater good.
3. What happens when an employee leaves the organisation?
What does an employee do when he/she needs to send or receive an email but his/her company email account is not working? All too often, personal email accounts end up being used for company business. Whilst such measures are commendable in order to address the matter at hand – and some firms expect their employees to do so – it means that company information will be stored in employees’ personal devices and email accounts. Further, noting that it is good practice to backup one’s devices regularly, company information may also find itself in an employee’s personal cloud account.
As undesirable as the above situation might be, it becomes even more disconcerting when an employee leaves an organisation. The odds are that company information – again, which could be commercially-sensitive or otherwise confidential – resident on their devices, email and cloud accounts, to name a few, could remain in the possession of a former employee indefinitely.
Image credits: Michael Coghlan (flickr)
___________________
Or when the BYOD device in question has pre-loaded software that, as part of the internal rules, is not permitted by the organisation?
Or the same BYOD in question has been re-configured to a point of being illegal ( eg “jailbroken” device )?
Great synopsis. I just wanted to leave a further issue which is becoming more and more troublesome in this area. When an employee uses his/her personal email address during the employment, and is terminated (especially under duress or conflict), unless the organisation has a comprehensive CRM system or is willing to make the event public, the employee retains access to the network of the organisation via their personal email, which by its previous use has been automatically authorised as a business communication. This opens the possibility to continue to have access to the organisation’s information, and even conduct business in the name of the organisation without the requisite authority or endorsement.
Thanks, and keep informing!
This article is very relevant to current working arrangements.