CIO Takes Action to Solve BYOD's Privacy Problem
The BYOD policy at a California law firm earned the CIO the nickname of Big Brother. However, the sarcasm stopped when he sprang into action and saved the day when an attorney's smartphone was swiped. The case represents the love-hate relationship workers and IT management have with BYOD.
Fri, June 21, 2013
CIO — In California's central valley, attorneys at employment law firm Dowling Aaron came up with a nickname for CIO Darin Adcock, who had just crafted a Bring Your Own Device (BYOD) user policy. They called him "Big Brother," referring to the oppressive party leader in George Orwell's dystopian novel "1984."
"They'd come by my office and say, 'What's up, Big Brother? How's my phone today?'" Adcock says.
Then a thief smashed the window of an attorney's Lexus and swiped his iPhone 5. Big Brother leaped into action and quickly wiped the phone of all data and apps, saving the attorney from the threat of having his personal banking information, texts and emails compromised.
Word spread throughout the law firm, and the name-calling stopped. "I started getting comments of appreciation," Adcock says.
The Two Sides of BYOD: Flexibility vs. Security
The events at Dowling Aaron underscore one of the great challenges in the ongoing saga between CIOs and employees: BYOD has a privacy problem. Employees want to tap the power of BYOD to make their work lives easier, while CIOs must take measures to safeguard corporate data.
Truth is, many CIOs attach draconian user policies to their BYOD programs that are heavily weighted toward corporate rights to access and monitor devices. An employee's expectations of privacy get short shrift. Employees simply don't trust the IT department to have access to their personal devices.
[Slideshow: 10 BYOD Worker Types]
Making matters worse, privacy—and technology's capability to circumvent it—is on people's minds these days. Facebook, Microsoft, Apple and Yahoo have all come under fire recently for secretly handing over customer information to the government.
President Obama summed up the problem while defending National Security Agency's spying programs: "We're going to have to find ways where the public has an assurance that there are checks and balances in place ... that their phone calls aren't being listened into, their text messages aren't being monitored, their emails are not being read by some big brother somewhere."
Dowling Aaron is a particularly interesting case, because the firm's employees are well-versed in BYOD. They often advise clients about employment policies and safeguarding corporate assets. Now they are on the receiving end of one of those BYOD employee policies.
You'd think they would be more vocal about employee privacy rights in their own company, but the opposite happened. One of the advisors to the BYOD policy was a Dowling Aaron attorney specializing in HIPAA, the Health Insurance Portability and Accountability Act. He wanted tougher security measures in place.