Kroll Ontrack | Home

Kroll in the News

Suspect a Data Breach?

  • Call the Data Breach Hotline:
    1-877-300-6816 (24/7 access)

Contact Us

Learn More

HITECH Hotline
A solution for healthcare data breach response.

Learn more

Additional Resources

Subscribe to our Data Security Newsletter

HIPAA Self Risk Assessment Demo Video

Three important issues to address when devising BYOD policy for tablets and smartphones

Nashville, TN - April 17, 2012

There’s a great trend in business today for employees to ask – sometimes demand – to use personal equipment for their work, and to have that equipment connect to company networks.

But, as convenient as BYOD policies might be, it poses many issues for organizations that can’t be ignored. For example:

  • How can the device’s security be brought to an adequate level? In some cases, this involves the installation of specific software that will assure that email, for example, is encrypted for both transmission and storage. The device can also be password protected, with an automatic time-out requiring re-entry of the password.
  • Will the device present an issue in regard to electronic discovery? What is the likelihood that a file written on the device may not exist elsewhere? Will these devices become subject to electronic discovery orders or litigation hold notices?
  • What degree of access will the owner of the device permit the company to have? Full access is essential in the event of an incident where the company has to investigate (for example, to determine if a reportable data breach has occurred.) Will the owner permit a remote data destruction capability? Will they protest repetitive password entry requirements? Will they willingly give up their machines where content is subject to a discovery request or court order?

Collectively, we think of these issues as “SSED” (Securing Someone Else’s Device).

Read the full article, by Alan Brill, at Tab Times.