Skip to main content
Jun 24, 2013

Guarding Against the Legal Risks Associated with BYOD

Even though bring your own device (BYOD) has become a widely-adopted movement, many IT managers and business leaders still aren't aware of the legal risks associated with information security and customer information accessed on employees’ personal mobile devices. As David Navetta, an attorney and founding partner of the Information Law Group notes in a recent TechRepublic article posted by Michael Kassner, “the era of legal defensibly is upon us. The legal risk associated with information security is significant, and will only increase over time. Security professionals will have to defend their security decisions in a foreign realm: the legal world.” The security differences between the management and monitoring of company-owned devices versus mobile devices owned by employees are considerably diverse. As Kassner notes in his article, security managers have “almost” dictatorial authority over company-owned devices. For instance, security managers usually determine what types of devices can be used by employees and how they are to be configured. Corporate security teams often install security software and patches on company-owned devices and encrypt company data on each of the devices. At Apperian, we understand the importance for organizations to mitigate the legal risks associated with BYOD. For instance, company trade secrets and other proprietary information like customer data can’t fall into the wrong hands. Employees encounter these risks all the time, whether they’re accessing a customer database while traveling and using an unsecured network or when they access less-secure cloud storage services such as Dropbox. Rogue employee behavior doesn't help. According to a study conducted by Juniper Networks of more than 4,000 mobile device users and IT professionals , 41% of employees circumvent their employers’ official mobile device and mobile security policies. But we also believe that a tyrannical approach to device security isn't deferential to employee device ownership or usage, particularly when it comes to respecting the privacy of an employee’s personal apps and data. Mobile application management (MAM) is a more agreeable approach to securing mobile apps and data without intruding on employee’s personal apps and data. Enterprises can inspect applications to screen for risky behavior and security vulnerabilities, such as malware, trojans, and intellectual property exposure using MAM solutions. Providing administrators the ability to inspect an iOS, Android or Blackberry application can help enterprises to ID potential vulnerabilities with specific apps and circumvent the legal risks associated with lost, stolen, or misused data.


More from the Blog
Mar 13, 2018

Latest Revelations Confirm Arxan’s Suspicions of Source of Apple Source Code Leak Issue

In early February news broke
Read more
Jan 11, 2017

Apperian Moving Up and To the Right as Part of Arxan Technologies

A letter from Mark Lorion, President & General Manager of Apperian. Dear Apperian Customers and Partners,
Read more
Dec 27, 2016

Predictions for 2017 - Where is Enterprise Mobility Headed?

The new year is around the corner and as we look back at 2016 it was an exciting year for the enterprise mobility market, ful ...
Read more