Thoughts & Opinions

by

Eva Del Rio

A collection of columns

and articles about HR

and the workplace

Can Employers “Remotely Wipe” an Employee’s Personal Phone?

Bring Your Own Device Q:  We used to provide company cell phones to employees and it was easy for IT to ensure that company data was secure because we maintained the equipment and software.  But we’ve moved away from that as people started bringing their own devices to work.

Now we have iPhones, Androids and a mish-mash of technology and software.  And even though employees aren’t allowed to store company information on their personal devices or use public Wi-Fi, I worry about sensitive company information if a phone were lost or stolen.  Can we require that employees allow us to remotely wipe their phone in these situations?

A:  Absolutely. Companies can install software in employee phones that allow the company to do this, and employees should be clear about this because it should be included in any Bring Your Own Device (BYOD) policy.

I know.  Most companies don’t have a BYOD policy.  And for those that do, the policy was not planned proactively but was instead pieced together as needed when more people started bringing their own devices.  As a result, the only problems these policies address are those that have already come up.   For instance, after the company server gets infected with malware from a jail-broken iPhone or a rooted Android device, those types of phones are prohibited. Or, after an employee quits without notice and walks-out taking company information, then you start prohibiting the storage of company data on personal phones.

But, writing policy in this reactive mode means we’re always catching up to the problem.  So be proactive instead, design a BYOD policy that addresses problems before they occur and let’s everyone know their responsibilities.

The policy should help employees understand that the convenience of using their own phone, means there will be some tradeoffs in privacy.  They should know  that if lost or stolen their phones may be wiped remotely, (as in your example). They should also know if they’ll be GPS monitored, how,  and during which hours.  That their personal information (text, photos, emails) may be retrieved/subpoenaed  in the event of litigation.

So yes, all these are doable, but employees should know they are possibilities before they actually occur. In other words, be proactive not reactive, implement a policy ASAP.

© Copyright Eva Del Rio

Eva Del Rio is creator of HR Box™ – tools for small businesses and startups. Send questions to Eva@evadelrio.com

 

More To Explore

Uncategorized

Did the vaccine mandate work?

What did president Biden’s covid vaccine mandate mean for the workplace? If you were in the private sector and had fewer than 100 employees you

Uncategorized

How to talk to the vaccine hesitant

Q:  Our employer is now requiring all employees to get vaccinated or be tested every other day.  I work with a colleague who wants to