Should IT guarantee BYOD privacy for employees?

The business world is full of employees using their personal mobile devices for work, but many companies still struggle with how much privacy to grant BYOD users.

The BYOD movement has become an acceptable way of doing business nowadays, with more and more employees using their personal mobile devices for work. But when it comes to BYOD privacy concerns, there are two sides to consider: the employees using their personal devices for work, and the IT administrators tasked with protecting corporate data.

IT administrators deploying enterprise mobility management (EMM) systems might say that, no, BYOD users do not deserve privacy. Admins enact policies on devices that grant access to company data, email and apps; it's up to the BYOD user to sign that policy to gain access to those items. Companies that subsidize the devices employees use for work could argue that IT should be able to access these devices, potentially hazardous apps and company email and data stored within those apps.

IT has little interest in messing with employees' personal photos and data.

But does this mean the enterprise should have access to all the apps on an employee's device, or just the ones associated with work or downloaded through the company's app store?

Any IT admin who has deployed EMM would likely find that employees are pretty passionate on the subject of BYOD and privacy. They might be really excited to be able to do work from anywhere, but also extra suspicious of the company's ability to see what they are doing on their mobile devices. From an employee's standpoint, he could say it's his device; since his employer is requiring him to access company resources and do work from anywhere, he should be entitled to privacy.

Both sides have a substantive argument. Users should have BYOD privacy for their own apps, email, photos and personal data, but not for company-provided apps, company email and data. IT can appease both sides by sandboxing corporate email, apps and data; sandboxing may require a separate login, but makes it clear for the user that company applications are separate from their personal items. Android for Work, for instance, only allows IT to control an employee's work profile.

What about concerns of companies spying on their employees' devices? BYOD users should keep in mind that those on the corporate side have little interest in messing with their personal photos and data. Admins also have personal photos and data on their devices and do not have the staff or time to mine every app on an employee's phone. IT's goal is to simply protect company resources against security threats, meaning employees using their own devices for work must surrender some privacy.

Next Steps

Why companies need a BYOD policy

How to balance BYOD security and privacy

IT's guide to BYOD management

Dig Deeper on Enterprise mobile security