Leaving them to their own devices 

Federal, British Columbia and Alberta privacy commissionershave released guidelines that can reduce threats for the BYOD program.

First on the list is a privacy and threat assessment. Before implementing the program, employers need to be aware of what exactly is on the table.  

“Allowing employees to use their mobile phones, tablets and laptop computers for both personal and professional use carries significant privacy risks – particularly when one world collides with the other,” says Privacy Commissioner of Canada Daniel Therrien. “Companies need to consider the risks in advance and prepare to manage them effectively. Only then could they conclude whether a BYOD program is right for them.”

If companies are able to accept the risks, explicit guidelines must be established. This involves training participating IT professionals and staff on proper policies and responsibilities – a difficult feat for companies who want to avoid buy-in from senior management.

Other preventative measures, according to British Columbia’s Information and Privacy Commissioner Elizabeth Denham, include encrypting BYOD devices, authentication and partitioning devices to keep approved corporate apps and data separate from personal apps and data.

“Companies also need to bear in mind that despite their best efforts, bad things can happen. Devices may be lost or stolen and personal information may be compromised,” she explains.

In such a case, Denham believes companies will have to be proactive to ensure a solid fallback. A formal incident management response plan may be a company’s only saving grace.

To learn more about the risks, read the official guidelines now.