Home > Uncategorized > Policies in the New Information Age

Policies in the New Information Age

One of my clients just implemented a new policy within their organization. Concerned about the ease with which corporate data could be lost or stolen as a result of mobile devices, the powers that be decided all users of mobile devices needed to agree to the following provisions in order to get access to corporate email and data.
1.  The company reserves the right to wipe the mobile device for any reason.
2. The company reserves the right to install software on the mobile device for security purposes.
3. The company reserves the right to require encryption sometime in the future.
4. A password or pin will be required to access the mobile device

My initial reaction to this policy was that it was over-bearing and unenforceable. While I understand the need for companies to protect confidential email and other data, the fact of the matter is that this policy doesn’t address the key issue. It is, like many policies and laws, a knee jerk reaction to technology changes that are ahead of controls.

Wiping a mobile device as a result of it being stolen makes a lot of sense.  Wiping a device as a result of a resignation or termination for cause is like closing the barn door after the horse has already bolted.  If an employee is unhappy, there are too many opportunities for them to copy emails and data to a variety of devices prior to a resignation to worry about wiping the device after the fact.

My position is that this particular policy – as written – is too draconian and does not provide any background or explanation as to WHY the overbearing provisions are there.  Also, there is no explanation of why it is important for the owners of the devices need to back up their mobile content and data (music, pics, apps, etc.).  Backing up personal information will prevent it being lost forever in the event the company ever has to wipe the device due to termination or theft.  It does also beg the question, that if personal data can be backed up, can’t corporate data also be backed up?

Categories: Uncategorized
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: