By all accounts, Bring Your Own Device (BYOD) to work is catching on like wildfire because virtually every American worker holds a device in the palm of their hand which is faster and more powerful than some of the most powerful desktop computers from as little as ten years ago. As employees at all levels of the corporate structure live their life through their little device, they are demanding to do their work through those devices as well. With the ever increasing network of manufacturing processes and equipment, supply chain and distribution methods, and dealer inventory controls, the ability to conduct all aspects of the auto industry’s business through a hand held device becomes easier each day. Even if management ignores employees’ demands, there are powerful incentives for employers to adopt a BYOD policy. Similarly, there are plenty of things that can go wrong when a company allows BYOD. Here are some tips for making sure BYOD is a marriage made in heaven.
Clear written policies and guidelines should be developed and communicated. More importantly, effective implementation must be more than handing out a new written policy and must involve face-to-face training and communications where employees can ask questions. Ideally, like employment agreements, BYOD policies should be signed by each employee.
Unless you know how your systems work, how they are integrated and what the security vulnerabilities are, you cannot begin to allow BYOD. The whole purpose of BYOD is to marry employee demands for ease of access and functionality with company efficiency and security. It is all too easy for a company to reap the financial benefits which come from saying “sure, you can use your own device at work!” as a way to reduce the company’s expenditures on hardware and software. However, such a decision cannot be taken lightly. Management should solicit input, from each functional area of the business, the full impact of implementation. It should be obvious that the IT department plays an integral role in implementation but each level of management, including first level supervisors, must also be involved.
Consider which uses of GPS receivers, cameras, audio recorders, video recorders, mobile storage capacities, and any other tracking/data capturing functionalities should be permitted or prohibited. For example, consider disabling copying from a local drive to an usb/mini-usb port connected to a mobile device so as to avoid either the intentional or inadvertent loss of the manufacturer’s data. Consider prohibiting the taking of photographs inside your manufacturing plant as a way to protect your technology.
Unintentional data loss WILL occur so you should plan for it in advance. The need to protect information cannot be overstated. Getting employees to promptly tell you they have lost their device is the first practical hurdle to overcome. Thus, while developing BYOD policies, companies should create plans to address lost or stolen devices. Intentional data breaches will be attempted by some seductress attempting to destroy your otherwise happy marriage. System vulnerabilities will be exposed and new ones created by allowing a multitude of personal devices to have access to your network. Now is the time to toughen up to fend off invaders.
Employees who are non-exempt under federal and state wage and hour laws must be paid for all time spent “working.” Well intended and motivated employees who regularly just want to “check-in” to monitor production, sales or distribution when they are home, on vacation (or like this author subject to bouts of insomnia), may have to be paid for this time. Regularly “checking-in,” could trigger overtime under applicable laws or premium pay obligations under labor contracts, or worse yet, lawsuits for unpaid wages. There is no one right answer for this problem, but it can and should be figured out before BYOD is allowed.
BYOD can be a marriage made in heaven but only if all parties plan properly and stay dedicated, resist temptation to cheat and make necessary mid-course corrections.