Making Bring Your Own Device (BYOD) And eDiscovery Work For Your Business

eDiscovery Policies

The latest challenges to your business’ eDiscovery policies and procedures may not be changes in the law but may instead be changes in your employees’ lifestyles: they have smartphones and they want to use smartphones to facilitate their work.

A 2011 study by IDC and Unisys showed that approximately 50 percent of respondents reported using personal devices to conduct business on vacation. This is great news for businesses and shows the advantages of allowing BYOD. Unfortunately, the same survey also indicated that 29 percent of respondents used the devices while in bed and around 20 percent while driving, statistics that are probably less heart warming.

And how are IT departments managing all of this? Survey respondents indicate that they now do less than they did in 2010 to secure mobile devices, including publication of social media guidelines (46 percent vs. 60 percent), required employee training (52 percent vs. 64 percent), usage of complex passwords (48 percent vs. 57 percent) and single sign-on (52 percent vs. 73 percent).

The same survey also revealed that three quarters of IT executives believe allowing personal devices increase employee morale and 72 percent say that employees who bring consumer devices into the Workplace are more productive.

Does this mean you should leap into BYOD? Without fully understanding the potential pitfalls, you should probably not leap. In brief, your challenges to allowing BYOD are the following:

  1. You don’t own the device: you don’t control the device.

  2. There are lots of types of data that can be in play with BYOD.

  3. BYOD means data may reside in multiple locations. For example, copies of system emails that normally would only reside on a work machine will also reside on a smartphone or, thanks to said smartphone, be stored in the cloud

  4. Keeping data on these devices safe is difficult. Retrieving the data is near impossible.

As with most eDiscovery-related challenges, BYOD is best managed with a comprehensive policy to manage the program. A thoughtful look at ways to create policies and procedures that can safely allow BYOD into the workplace is covered in depth by this whitepaper from Intel.

Intel has established a service agreement for employees who want to engage in BYOD. The agreement spells out how eDiscovery requests will be handed from both the Intel and employee perspective. Through careful management of device settings, such as ensuring that devices are configured to save changes to the user’s corporate mailbox (instead of saving to the device or cloud-based storage associated with the device), the corporate servers will remain the best source of eDiscovery data collection.

When faced with eDiscovery as it applies to BYOD information, the more clarification that can be obtained about the requested information, the better off you will be. Work closely with your organization’s legal team to establish exactly what information is being requested. Narrow search parameters will save both time and any personal data that exists on the device in question.

And before you need to deal with eDiscovery, be sure that both the IT and legal departments have a good working relationship and that they engage in conversations about BYOD and all of its implications, including – but not restricted to – issues of eDiscovery.

By Jeff Patterson,

An entrepreneur in the field of technology, Jeff Patterson is driven to find ways to make technology a safer and more integrated part of daily life. A trailblazer in the area of K12 email and student safety, Patterson’s innovations have also led the way in data storage. His product, Gaggle Archive, provides inexpensive, cloud-based archiving that truly facilitates and simplifies eDiscovery. In 1999 he started his company, Gaggle, with one employee; the company currently has a staff of 50.

Adam Cole
Mitigating Regulatory Risk Some of the great business opportunities for Unified Communications as a Service (UCaaS) integrators and Value-Added Resellers (VARs) have been the emergence of cloud, telephony and Unified Communications (UC) technologies such as ...
Jonathan Custance
IoT and cloud computing are on the increase High-profile cybersecurity breaches are increasingly in the news, a prime example being the NHS incident of May 2017 when services were brought to a standstill for several ...
Stacey Farrar
Document Migrations Require More Diligence Data creation has risen dramatically in recent years and shows no signs of slowing. According to analyst firm IDC, widespread remote work led to a spike of new data in ...
Dana Gardner
Low-code Development Has Entered a Maturity Spurt Closing the gap between the applications and services a company needs -- and the ones they can actually produce -- has long been a missing keystone for attaining ...
Louis
Real-time Enterprise Software Data Enterprise software startups are capitalizing on real-time data to continually improve revenue, costs, cash flow, marketing, and sales as their business grows. The majority of software startup CEOs spoken with have ...

SECURITY TRAINING

  • Isc2

    ISC2

    (ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees. If you want a job in cybersecurity, this is the route to take.

  • App Academy

    App Academy

    Immersive software engineering programs. No experience required. Pay $0 until you're hired. Join an online info session to learn more

  • Cybrary

    Cybrary

    CYBRARY Open source Cyber Security learning. Free for everyone, forever. The world's largest cyber security community. Cybrary provides free IT training and paid IT certificates. Courses for beginners, intermediates, and advanced users are available.

  • Plural Site

    Pluralsite

    Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization.