BYOD – Is it threat to an individuals pursuit of personal confidentiality
BYOD or Bring Your Own Device is the facility provided by companies to its employees to carry their personal device at office locations and perform official tasks on them. All the managers are preaching this facility and employees are excited at this prospect. Companies have had to invest in their security infrastructure to facilitate this feature to its employees. As most employees would prefer to carry their smartphone as their preferred device at office, it has pushed the Mobile First strategy for all enterprise content. On the outset it seems like an employee friendly facility to ensure work-life fit. But, the devil is actually in the device.
In a recent news report about an American Politician, I read that the politician chose not to use the official server/mail and used personal mail for all official purpose. “Convenience” was provided as the reason for this deviation in official protocol. However, some analysts suspect that it was done so to ensure that security agencies are not given the access to the information exchanged on mails. The issue is political and my blog is NOT about it. However, it is to understand the risk to the individual who decides to bring his/her own device to office. He/she risks allowing the central servers, access to their personal details.
Majority of us use mobile phones. We use it mainly for data usage and social networking, apart from the mundane feature to call. But, in the process of data usage, we store and share very personal and intimate details of our lives. We secure the data by providing a lock on the screen. But, we tend to ignore the data which is left on the network. When the network is public the risk is limited to hacking and its legal right to safeguard our personal data. But, BYOD as a concept is abstract. It does not look into the legal rights to safeguard the personal data of the use especially when it is used on office networks. The user will vehemently argue to their right to confidentially of their personal information. Mobile is personal and employees feel their right not to be snooped on their data. The management may argue to their right to be informed about the happenings on the office network, where everything is right of the company. They may say that, ‘we track data on laptops, why should mobile be any different?’. The result, employees may start maintains one mobile device for office and one for personal. In the end, we defeat the purpose.
BYOD is beneficial in reducing delays and improving work-life fit. For tasks which require basic information, its apt to use this facility. BYOD does not mean the user surrenders his/her right to personal data. But, BYOD does not mean we are right to absolute confidentiality. We are accountable and fully responsible for any data generated or accepted on the device. The tragedy would be if BYOD leads to two devices – one official and one personal. Its like getting back to the 90s, with one official laptop and one personal. Use it, it its useful but be responsible for it. Thers always someone watching you and this time it could be your manager.:)
Feel free to share your feedback/criticisms in the comments.