Mobility : Legal issues of BYOD


According to Gartner, 70% of companies will adopt a policy of "BYOD" ("Bring Your Own Device") in the next 12 months. The fact is, existing policy or not, tablets, smart phones and personal laptops have already penetrated the walls of your companies. Better take and control the inevitable by putting in place the means of controls. However, the right of end-users to use their own equipment on the corporate network increases the risk of data leakage and increases the vulnerability of the company.

Consequently, the implementation of a new security policy specific to "BYOD" is essential.Furthermore, the end user being the owner of the material and personal data residing on the device, the implementation of a corrective policy such as a remote wipe-out when the equipment is compromised, raises questions of data ownership, access to data and privacy. If the company takes the right to delete its own data, it can however not unilaterally decide to erase the user’s personal data. The problem lies in the fact that most existing solutions do not enable a selection of specific data to be erased.

If the implementation of a selective solution is not possible for the moment, the only option would be to have the user signs a waiver. This waiver would advise the user to save his personal data and would make him accept the risks resulting from a compromised equipment. In all cases, the "BYOD" security policy should be done in collaboration with legal advice.

Referred Gartner’s article : http://www.gartner.com/newsroom/id/2263115

#mobility #legal #security #english