It sounds like a no-brainer if staff offer to use their own laptops or portable devices for work, but employers should realise it’s actually a very bad idea.
Put simply, staff could use their own laptops or tablets to transfer and store confidential business information and thus potentially compromise their employer’s business.
The risks are especially heightened among workers telecommuting, working from home, in one of today’s more informal workplace environments.
It’s tempting for an employer to see staff offering to use their own laptops as a way to save some costs but the potential risks could kill the business, especially if the employee is later sacked or resigns and takes your business trade secrets with them.
Above all, while a business may invest heavily in workplace cyber security systems, none of these may be effective if the confidential business information has been loaded on a staff member’s mobile phone, laptop or tablet and taken home with them.
If that person’s private cyber connection is hacked or worse, the worker takes your trade secrets and then uses them to chase a job with business rivals, then all your security arrangements mean nothing.
"The same warnings extend to staff texting or using private messaging apps in a workplace, or installing personal apps on their work devices."
Employers also need to forbid staff, especially those working from home, to share their work devices with children.
Increasingly in 2019 a business needs to maintain control over its confidential information especially given the way businesses commit more and more confidential data to electronic systems.
The big risk now is software theft. It would be simple for an employee to download an employers’ whole customer database or sensitive marketing strategy plans to an external hard drive or a USB stick drive.
A significant number of data breaches are due to the use of such devices. Then if this employee resigns or is sacked they could effectively walk out of the workplace with all of the employer’s business confidential information to then use for another job with a rival firm.
It’s crucial for business owners to protect their copyright, trade and trade secrets so this means employers need to take a harder line between work and private computers and assorted data devices. Copyright infringement of software is also becoming increasingly common.
If someone has your entire client list, marketing strategy, pricing, passwords and software on their private laptop, your business has suddenly become very vulnerable because your key trade secrets are now outside your control.
The easy portability of laptops and similar devices is matched by the ease with which data can be downloaded into a portable device.
The more you allow staff to use their private laptops and devices for work, the more you need to increase your workplace security.
Mobile phones in particular have become portable computers with significant data storage capacity and with a suitable app could allow the easy transfer of files from an office to another storage device.
Many companies have WiFi in their workplace so you need to also think about the risks if staff connect their personal devices to your WiFi especially if its use is not monitored. There’s a real threat to your cyber security if staff freely use the work WiFi on their private devices. The WiFi network accessible to clients should also be separated from any network used for work purposes.
The need for control over portable devices is emphasised when an employee resigns or is dismissed.
These days if someone is dismissed or suddenly resigns it’s not uncommon for them to be formally ‘walked out’ of the workplace to ensure they only leave with their personal possessions, not the employer’s data which they may have transferred to their private laptop through use of a USB stick.
So there are some very compelling reasons why employers should resist pressure from staff to bring their own laptops and portable devices to work.
In the old days a firm’s trade secrets stayed within the walls of its bricks and mortar building. In the digital age now the rules have been changed forever and employers need to realise this.
There are real risks of allowing business information to be shared around outside the formal work environment, and outside your control.