As the bring your own device (BYOD) trend gains popularity, both employees and employers are beginning to worry about the legal issues associated with such a program. An online survey conducted by Harris Interactive (News - Alert) for Fiberlink, a provider of mobile device management solutions, shows that employees are concerned about big brother keeping ‘round-the-clock tabs on all devices.

While legal firm Reed Smith’s privacy rights attorney Tim Nagle thinks that BYOD comes with a minefield of legal questions and risks. Nagle helps companies navigate this maze of legal dos and don’ts.

According to a blog post on Fiberlink’s blog, “MaaSters Center,” by contributor Pragati Chaplot Jain, the legal challenges must be addressed head-on, as the road ahead deviates from that of the middleman who owns separate devices for work and personal use.

According to the blogger, some of the most prevalent BYOD legal challenges are data breaches, data privacy, data control for personal devices, terminated or departing employees and unlawful BYOD activity. Since data breaches are growing, the blog post suggests that smartphone users and pro-BYOD organizations must mandate the use of password manager applications for storing their passwords, as well as deploy policies that prevent the user from storing password online and refrain from connecting to open unsecured wireless signals.

Likewise, regarding data privacy, the blog recommends communicating the policies to the BYOD workforce. The BYOD agreement must clearly state the employers’ right to access employees’ personal mobile devices. Another challenge is accessing the information on mobile devices owned by terminated or departing employees. The agreement must ensure that these devices are legally safe and can’t dent an organizations reputation. Lastly, the BYOD program must ensure that employees are not sharing information and the companies must smartly monitor for any illegal data mining activity.

To simply beat the key legal challenges of BYOD, the blogger recommends following the simple steps outlined below:

• Start with complete risk analysis of the BYOD ecosystem. 
• Educate employees on the deliverables of the BYOD program.
• Create BYOD policies that can be implemented and followed with ease.
• Clearly highlight the implications of a rogue BYOD behavior. Rogue BYOD behavior often lands organizations in legal jeopardies.

According to David Nevatta of InfoLawGroup, “The BYOD contract must highlight the need of appropriate security software, screen locks and data encryption applications on devices accessing corporate email and other corporate resources.”

Lastly but most importantly, wrote Jain, the organization’s mobile device management (MDM) solution must support data containerization, a technique that allows you to separate your work and personal data. The blog indicates that Fiberlink’s cloud-based MDM solution, MaaS360, has helped organizations from a diverse range of industries dissolve their BYOD legal challenges.

In another posting on the MaaSters blog, contributor Rob Patey discusses methods for identifying and mitigating BYOD risks. By having complete control of all devices used for corporate functions, and ensuring consistent information governance through strong policies, businesses can enjoy the benefits of BYOD without worrying about these threats.