Edward H. Block, attorney in Gardere’s litigation practice, published an article in Texas Lawyer on the ramifications of – and safeguards against – employees installing rogue hardware or software onto their company’s computers. While the employee might have good intentions, such actions might be in breach of compliance requirements.
“Clearly one of the first steps in combatting shadow IT is to establish policies to address unauthorized implementation of computer software, hardware and services. Such a policy should also be closely tied to the organizations' bring your own device (BYOD) policy and address how employees can seek approval for apps on mobile devices,” writes Block. “Publishing a list of ‘approved’ apps is a good practice.”
A former chief information security officer, Block frequently writes and speaks on cyber security issues, and holds dual certifications by the International Association of Privacy Professionals.
Subscribers can view the entire article here.
Let’s Talk Compliance | Provider Relief Fund: Reporting Requirements and Compliance Concerns