What you gonna do when they say good-bye?
When BYOD employees leave your company, they may be taking more than their personal devices with them. How do you make sure that corporate data and networks are protected?
"If an employee leaves and you don't have the technology and policies in place to recapture company information instantly, that data will likely walk out the door with them," Forrester Research analyst David Johnson tells Workforce.com.
In addition, firms often do not turn off remote access to the corporate network for former employees, warns Mike McAlpen, executive director of security and compliance for VoIP provider 8x8. McAlpen recommends that firms use a combination of policies, technology and audits to keep their networks secure.
For its BYOD program, 8x8 only allows BYOD users to access to the corporate network as guests, which gives them access to email and basic company data but prevents them from downloading sensitive documents. In addition, the company policy states that BYOD devices will be remotely wiped immediately once the employee leaves the company. "It used to take up to two days to wipe a device, but now we can do it in real time," says McAlpen.
To ensure that the remote wiping doesn't cause a legal issue, Nicholas Lee, senior director of end user services for Fujitsu America, recommends that the company explicitly state how the wiping will occur in its BYOD policy.
Fujitsu America only allows only around 5 percent of its workforce to bring their own devices, primarily executives and sales personnel, Lee tells Workforce.com. To ensure sensitive corporate data stays in the company, Fujitsu uses encryption, partitioning of corporate and personal data on the device, and immediate data wipe of the corporate section when the employee leaves.
- read the Workforce.com article
Enterprises are embracing BYOD, despite security risks and support costs
No one-size-fits-all solution for BYOD policies, panel reveals
Special Report: Making BYOD work