Employers, here’s something you need to consider about BYOD
As you can imagine, data recovery companies receive multiple drives – and therefore a truly enormous amount of data – on a daily basis. A significant portion of this data could be described as personal and/or sensitive. This is precisely why any company that deals in the act of recovering data from failed hard drives, phones, PCs etc. must adhere to the data protection act (soon to be replaced by the GDPR) and ensure that all information gleaned from any device remains confidential.
In recent years, a trend has developed amongst employees which has seen them bring, and use, their own devices at work (dubbed BYOD or Bring Your Own Device). These devices tend to contain personal and sensitive data concerning the individual as well as data that is vital to their employer. This can, under certain circumstances, be problematic for all concerned.
Imagine for a moment if an employee has been using their own laptop at work. The laptop’s drive contains data that belong to the device’s owner and that this individual would not want their employer to see. The hard drive also contains information that is vital to the employer, has failed, and they have therefore insisted that it be recovered by hard drive recovery specialists. As the company instructed to retrieve this data will be unable to open any of the files it may recover, it will be unable to determine which of the files are relevant to the business and which are not. This means that they will be unable to determine whose data is whose. In this situation everyone loses: the employee is unhappy that his employers could have potentially received personal and private data, the company is unhappy as the trust that exists between them and their employee will have diminished and the company that recovered that data is unhappy because their customers are unhappy. Yes, you could argue that all data could simply be returned to the employee and that they could then pass their employer’s data back to them, but if the data is truly vital, then it is fair to say that they will want it back as quickly as possible. What if there was a way to avoid this?
With more and more employees using their own devices at work, it is necessary for employers and employees to discuss effective and robust means of managing the data that will be stored on these devices. It may be advisable to, for example, partition the drive so that all company data can be stored in one part of the drive only. Alternatively, the employee could simply keep a spreadsheet containing the names of all files that belong to the company and that they’ve stored on their personal devices. In the event of the drive failing, data could then be recovered from the drive and the relevant data returned to the parties that require it only. Finally, employers could consider attaching a drive to their networks which employees must use to store any files they create whilst using their own devices at work.
The growth of BYOD does have the potential to cause problems for companies and employees alike, but anticipation, effective planning and the creation of appropriate polices can prevent this.
If you’ve lost vital data, you can book a free data recovery diagnostic and get a no-obligation data recovery quote here.