Does your firm have a bring-your-own-device policy?

By Dennis Kennedy One of the biggest trends in workplace technology is known as the "consumerization of information technology." The idea is that people like the personal technology devices they use so much, they want to use those for work or trade their work-issued devices for the ones they use personally. Consider using a MacBook Air at home and a 3-year-old Windows notebook at work, or an iPhone 5 as your personal smartphone and an aging BlackBerry at the office. It's easy to see how the momentum for this trend has developed. But there are two sides to the consumerization of IT, with tech departments generally caught in the middle. The two most common approaches businesses will consider are BYOD (bring your own device) and COPE (company-owned, personally enabled). Consider the differences: With BYOD, a separate, secure area for work data and activity is created on an employee's personal device. In COPE, a separate area for personal data and activity is created on an employee's otherwise securely protected work device. The concepts are simple, but the devil is in the details. In a standard BYOD scenario, an employee installs an app like Good for Enterprise on a personal phone. With a password, the app allows the employee to access work email, documents and other permitted, protected data and services. Everyone is happy. Or are they? In BYOD, a firm's IT department will have to support a wide variety of personal devices. Is it fair to require employees to pay for work usage? And what happens when an employee leaves or a device is lost? Can the firm wipe the whole device of just the work-related data or portions of the device? Also, how will the firm's technology-use policies apply to the personal device? Where is the line between personal and work? In COPE, the firm owns the devices and provides the cellular plan. The firm allows the employee to install apps, music, video and the like and to use the "nonwork" portion for personal purposes. The firm usually provides a list of devices to choose from, which makes life easier for the IT department. Not surprisingly, COPE also raises many questions, most of which are the flip of the BYOD questions: Do you charge employees for personal use? What happens to employees' personal data when they leave? How will the firm's technology-use policies cover personal use? And once again, where is the line between personal and work? The consumerization of IT is another example of how a standard technology brings up many issues about the culture of a firm, how to treat those who work for it, and the blurry line between work and home. Firms need to understand the main approaches and the vocabulary for the discussion because this trend is likely to keep gathering momentum. Dennis Kennedy is a St. Louis-based legal technology writer and information technology lawyer. Published: Mon, Dec 31, 2012