The article prompted by PeterK [log in to unmask] on Friday, September
7, 2012, with a title 'Bring Your Own Device' to Work Carries Data Security
Risks, caught my attention. In that article, (published in Law Technology
News on September 6, 2012), David J Walton, the writer, advises Employers
to consider stricter policies on use of employee's personal electronics for work-
related activities.
Walton quotes a recent technology report which stated that more than 50
percent of companies with BYOD models required employees to cover all
costs. What was interesting to me was that many employees would not be
bothered about costs related to the device as long as it provided them with
greater choice and flexibility. What seemed to me as an advantage of the
employer, at first, was the cost control measure, in case of a constrained
budget. But taking a records management view, the control was dangerous
to security of company data.
I noticed the problem of growth of personal cloud storage and services, such
as Dropbox and others that allow employees to easily lease cost-free space
on large servers. Much as these types of services allow for collaboration
among employees who are working from different geographic areas, I sensed a
possibility of “smart” employees hacking into data with company secrets.
I know of an incidence where a reputable revenue collection body in East
Africa had imposed all possible access controls to ensure security of sensitive
data, but was surprised to find that some scrupulous people somehow
obtained access to highly sensitive records. I wonder what action would be
best for a pro-active employer to show more vigilance in protecting corporate
information or, ensure its confidentiality and security, in a BYOD world. How
can company policies work around the fact that “the individual consumer is
king” in today’s personal electronics world?
List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]
|