News & Commentary

11:00 AM
Bryan Yurcan
Bryan Yurcan
Commentary
Connect Directly
Facebook
Twitter
Google+
RSS
E-Mail
50%
50%

The BYOD Challenge

Having a policy in place to manage mobile devices used by employees for work purposes is necessary in this current day.

Having a good BYOD in policy in place is critical for most companies in the current day, especially in the financial services industry. Employees using mobile devices that are connected to a corporate network, and that are privy to valuable and sensitive data, need to know exactly what protocols they should follow in using that device.

According to Nolan Goldberg, an intellectual property and technology counsel with Proskauer LLP, knowing the fundamental principles of information governance is key so that any BYOD policy can grow to handle whatever comes tomorrow in this world of rapidly changing technology. Firstly, he says it is important to note the difference between an organization giving out mobile devices for work use, as opposed to allowing employees to use their personal devices for work and store corporate data. Most companies have a mobile device management policy in place for the former, so it's that latter that requires a well-implemented BYOD policy.

InformationWeek Leadership Summit: Build Your CIO Chops

[Do you aspire to the C-suite, or some other spot in upper IT management? Then bulk up your credentials around today's most pressing IT movement, digital business, at the Information IT Leadership Summit.]

If an employee is allowed to use his personal device to gain access to a corporate network for work purposes, he needs to know the expectations of privacy and ownership of data that comes with that privilege, notes Goldberg. For example, if that employee leaves the company and corporate data needs to be removed, will the entire phone need to be wiped, thus causing the employee to lose personal data as well? These are scenarios that need to be addressed in a BYOD policy, Goldberg says.

"It needs to be clear who owns what," he adds. "The employee has an obligation to know what he can and can’t do."

Goldberg says the biggest mistake companies make is allowing employees to use personal devices for work use ad hoc without having a policy in place. "I don't think as of right now there's enough of a history to say that one kind of policy is better than another," he says. "The biggest thing is to have one in place."

Further, he says it is important to involve all of the corporate stakeholders in crafting a BYOD policy

"While one purpose of the policy is compliance and protecting the company, it's important not to overlook that another purpose is to facilitate business goals," he says. "Employees need to be able to meet business needs with their devices within the constraints set by the other stakeholders, such as HR."

Ultimately, Goldberg says the ideal scenario for managing employees who use personal devices for work is the combination of having a clearly defined policy in place along with implementing good mobile device management software.

"Having technology in place that will help you implement the policy is key," he says.  

Bryan Yurcan is associate editor for Bank Systems and Technology. He has worked in various editorial capacities for newspapers and magazines for the past 8 years. After beginning his career as a municipal and courts reporter for daily newspapers in upstate New York, Bryan has ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Jonathan_Camhi
50%
50%
Jonathan_Camhi,
User Rank: Author
8/26/2014 | 11:32:42 AM
Re: Who sets the rules?
That need for collaboration across different groups is being seen in a lot of other areas too. I think those organizations that succeed at fostering collaboration and co-operation across different organizational silos will have a key competitive advantage going forward. But that's a skill that has to be learned with experience.
Byurcan
50%
50%
Byurcan,
User Rank: Author
8/26/2014 | 10:42:58 AM
Re: Who sets the rules?
Yes, it is definitely a group effort, IT, and all the business stakeholders need to be involved.
Kelly22
50%
50%
Kelly22,
User Rank: Author
8/26/2014 | 10:31:24 AM
Re: Who sets the rules?
It seems that creating these policies would have to involve a group effort from all the departments you mentioned. Their differing perspectives would likely complicate the process, yes, but also (hopefully) result in a more complete policy. 
Becca L
50%
50%
Becca L,
User Rank: Author
8/25/2014 | 5:46:55 PM
Re: Who sets the rules?
IT needs to have all those security issues hammered out before they start building the technology, otherwise they are spinning in place while all these issues are held up by the procedures and protocols of these HR/security/.etc teams. Creating a protocol is a long and arduous process, I can see why a lot of banks re hesitant to begin the discussion.
Byurcan
50%
50%
Byurcan,
User Rank: Author
8/21/2014 | 1:07:17 PM
Re: Who sets the rules?
Yes it's a combination of those. IT has to be involved obviously from a technical standpoint of how to best secure the device, but then legal and/or HR have a say in the questions he referenced of "who owns what" when it comes to data.
KBurger
50%
50%
KBurger,
User Rank: Author
8/21/2014 | 1:04:56 PM
Who sets the rules?
Who does Goldberg think should be setting these policies -- is it IT, legal, HR? Probably some combination of that, but again each area comes at the BYOD-related issues and risks from a different perspective, which could make it difficult to create an administer a coherent, consistent policy.
Register for Bank Systems & Technology Newsletters
White Papers
Current Issue
Bank Systems & Technology Dec. 2, 2014
BS&T's 2014 Elite 8 executives are leading their banks to success, whether it involves leveraging the cloud, modernizing core systems, or transforming into digital enterprises.
Slideshows
Video
Bank Systems & Technology Radio
Archived Audio Interviews
Join Bank Systems & Technology Associate Editor Bryan Yurcan, and guests Karen Massey and Jerry Silva from IDC Financial Insights, for a conversation about the firm's 11th annual FinTech rankings.