1300 130 447
make a knowledge base
available to end users
Source - HDI Report
About the Knowledge Base
Search all the Knowledge Base
Testimonial: I have found that the new HDAA Knowledge Base reduces the time it takes me to research industry stats & reliable information for the ITSM sector. It’s easy to use search functionality encompassing KCS principles, helps to filter & tailor my searches more accurately & there are numerous new services now available through the website. Every time I return to the site there is new information published. Very impressive.
Chris Powderly, Support & Services Manager, Allens
Governance & Risk Management
Cloud , Risk , Security , Knowledge Workers , Compliance , Phone Security , Email Security
Why you can't ignore ITSM , Weaving a Secure Web: Security Collaboration in Practice , Top 3 Data Security Challenges for IT Managers , Tech Trends: Security and Access Management , Tech Trends: Disk Imaging
Employees armed with a battery of smartphones and other gadgets they own are casually connecting to work email and other employer servers. It's a less-than-ideal security arrangement that technology pros call BYOD — bring your own device.
Now, lawyers are warning there's an unforeseen consequence of BYOD. If a company is involved in litigation — civil or criminal — personal cellphones that were used for work email or other company activity are liable to be confiscated and examined for evidence during discovery or investigation.
It's a possibility even technology pros rarely consider, said Michael R. Overly, a technology law expert in Los Angeles.
"You would be very surprised to hear that even extremely sophisticated business people seem shocked when they learn their personal phone, including email, GPS data, photos ... may be subject to review in litigation involving their employer," Overly said.
BYOD is a worldwide reality and a dramatic shift in the way companies outfit their employees with work tools. Cisco Systems Inc. released a report earlier this year saying 42 percent of all "knowledge workers" own the smartphones they use for work, and two-thirds of companies expect the employee-owned device phenomenon to increase.
The convenience is hard to ignore, as is the personal touch — workers love picking their own phones — but of course, cost savings is the real driving force. Increasingly, companies are requiring workers to supply their own gadgets at their own cost, the way a restaurant might require waiters to purchase their own uniforms.
Even if companies reimburse those employees, there can be a big hidden cost for workers — the possibility of losing their phone for days or months while their company combs through it for data relevant to legal action.
“People’s lives revolve around their phone, and they are going to become more and more of a target in litigation,” Overly said. “Employees really do need to understand that .”
Giri Sreenivas, a mobile phone security expert at Boston-area firm Rapid7, warned discovery requirements can extend far beyond email stored on smartphones.
"Text messages and cellphone records might be subject to discovery, too, even if you never connected to company email," he said. "If lawyers believe the device was used for work purposes, it can be (taken).”
How could firms gain the right to rummage through the most personal items on worker’s phones — pictures, texts, social media accounts? In many cases, it’s not a right, it’s a duty, says Overly. When a company is sued, and required to produce documents as part of a discovery process, it must make a good-faith effort to retrieve data — wherever it may be. That includes employee-owned gadgets.
In fact, Overly says he was part of a case recently where a judge sanctioned a company for a discovery violation because it failed to search BYOD devices during discovery. He declined to name the case.
Companies are racing to keep up with the trend — trying to set policies, inform workers of their rights, and superimpose BYOD rules over arrangements that organically evolved within their workplaces. Increasingly, companies are requiring workers to sign agreements that alert them to the potential of personal gadget seizure, Overly said.
Christopher Dahl runs a Seattle-based firm that specializes in digital document retrieval for lawyers called Lighthouse eDiscovery. While he says industry discussion is dominated by talk of BYOD discovery, he said gadget seizure has not become common — yet.
"We see mobile devices infrequently. We only had one come in last month," Dahl said. "It's typically pretty rare where the company can't get the same information from another location. Companies will have to disclose that the information is on that second location (the smartphone) but typically don't have to dig into that second place."
Workers wary of having their personal phone nabbed can carry two phones – one personal and one for work – but even that’s not fool-proof. An occasional connection from the personal phone to work email can make the phone subject to discovery. Going this route requires diligent work and personal separation.
"The No. 1 thing you can do to ensure your device is not subject to seizure is to remove any sort of company account ... and then inform the company it's been removed," said Sreenivas.
Dahl warned about accidental blending of personal and work data through a seemingly innocent USB charge connection that leads to accidental synching of data.
There may be a technology solution to this problem in the future. The newest Blackberry phone claims to create a work data-personal data divide, which has the potential to limit the searches that might be conducted by company lawyers. complete smartphone BYOD article >>
Search all Articles here.
Return to the Knowledge Base.
For more information, please contact HDAA on T: 1300 130 447.
No Result Found
- Contact Us
- IT Membership
- Support Centre Association
- Comparison Guide
- Price Guide
- Membership Conditions
Training & Workshops
- Training Courses
- Recent Workshops
- Cancellation & Transfer Policy
- ITIL Training
- ITIL Foundations
- Support Centre Consulting
- Service Desk Consulting
- Help Desk Consulting
- Media Kit
- Update your details
- New account
© Copyright HDAA. All rights reserved.
HDAA - Energising the Service & Support Profession
Help Desk Association Australasia Pty Ltd trading as HDAA
T: 1300 130 447 T: +61 (0) 2 9986 1988 F: +61 (0) 2 9986 1330
E: firstname.lastname@example.org W: www.hdaa.com.au A: PO Box 303, Turramurra NSW 2074 Australia
ABN: 20 088 292 755
Our Services: ITIL | ITIL Training | ITIL Foundations | IT Membership | Service Desk Association | Support Centre Association | Support Centre Training | Service Desk Training | Help Desk Training | Support Centre Consulting | Service Desk Consulting | Help Desk Consulting
ITIL® and PRINCE2® are registered trade marks of AXELOS Limited, used under permission of AXELOS Limited. All rights reserved.
RESILIA™ is a trade mark of AXELOS Limited, used under permission of AXELOS Limited. All rights reserved.
The Swirl logo™ is a trade mark of AXELOS Limited, used under permission of AXELOS Limited. All rights reserved.
DevOps Foundation®, is a registered mark of the DevOps Institute.
HDI® is a Registered Trade Mark. HDAA is the Australasian Gold Partner of HDI®.
KCS℠ is a Service Mark of the Consortium for Service Innovation™.