BYOD – Making Mobile Devices Work for Your Business

By Brittany Robinett

Today, many businesses are implementing “bring-your-own-device” policies, which permit employees to conduct company business on their own mobile devices.  Encouraging the use of employee-owned devices can save employers the costs of purchasing and maintaining technology, while motivating employees to work harder through increased flexibility and mobile access to the workplace.android-199225_640

Decreased overhead expenses?  Increased workplace productivity?  Sounds like a win-win.

However, allowing employees to conduct company business on their own devices can prove less than cost-effective, as it subjects businesses to multiple security and liability risks.  The greatest of these risks are caused by the removability of devices from the workplace, and the accessibility of confidential company data outside of the workplace.  Employers can mitigate these risks by creating protocols to decrease dangers posed by using personally-owned devices.

Allowing employees to conduct business on their personal devices puts stored data at risk, because that data leaves the workplace.  This non-stationary data may fall prey to wandering eyes, as employees may connect to public access points or private access points that are not properly configured.  Plus, mobile devices are frequent targets of theft.  Passcodes and other security features are not foolproof, and they do not necessarily protect the contents of memory cards or hard drives.  Some of these dangers may be eliminated by requiring employees to use a VPN (or a “virtual private network”).  A VPN allows employees to access their employer’s intranet securely when working remotely.  These networks require authentication prior to access, which helps protect against data breaches.

Employers should always have breach response plan in place.  These plans should focus on complying with regulation requirements, assessing risks of potential breaches, and preventing future breaches.  When it becomes clear that data has been compromised, immediate action should be taken to determine whether federal and state regulations require the data to be reported.  Once a determination is made, necessary parties must be immediately notified.  Even if no regulations demand notification, it is important to determine what data has been compromised, what risk the compromise poses, and what steps could have prevented the compromise of such data.  Encourage employees to report any breaches; it should be remembered that they, too, are exposing themselves to greater legal liability, and should be punished for blatant wrongdoing, not necessarily accidents.  Employers can encourage reporting by providing employee training to recognize at-risk situations data apprehension.  (Note: As the use of mobile technology within the workplace is a growing trend, it is important to keep abreast of new regulations, as the government has given the topic a great deal of attention.  Attorney consult can ensure that nothing goes unnoticed and save employers the hassle of conducting their own research.  They can also provide oversight in drafting company protocol and employee consent agreements.)

Companies should lay out clear frameworks for data preservation and destruction on personal devices.  Personal devices present a unique problem when it comes to preserving data for legal discovery.  Legal counsel can help businesses determine whether a preservation duty exists and what that duty requires.  Employers may demand that employees sign consent agreements, recognizing that their devices may be subject to search and seizure should litigation require it.  Signing a consent agreement puts employees on notice that their devices could be subject to future search and seizure processes.  (This is especially important, as personal and professional information often become intermingled with the dual-use of mobile devices.)  Also, business owners are advised to maintain duplicates of all company-related information from employee devices.  That way, data can still be produced, if not from the original device.

Once a duty to preserve disappears and data is no longer needed, employers should make sure that company data is properly destroyed from device storage.  Simply “deleting” data, such as documents, emails, and contacts from a memory card is not always enough, as the device’s internal storage may retain information.  For this reason, employers should require that devices be restored to factory settings prior to an employee parting with a device.

Bexley Law Firm, LLC
http://www.bexleylawfirm.com

About the Author:  Brittany Robinett is a rising third year law student at the Georgia State University College of Law.

Advertisements

Ambition on a Budget: Maximizing Your Nonprofit’s Resources

By Brittany Robinett

We’re all familiar with the adage, “Money isn’t everything.”  What life experience more often affirms, however, is its caveat, “Money isn’t everything, but it’s certainly something.”  For nonprofit organizations, that “something” is the chance to survive and impact the communities that rely on them.  While this impact seems immeasurable, the operating costs certainly come with a number attached.

The majority of nonprofits in the United States classify as “small” nonprofits.  Financial stress is almost a given for small nonprofits, who are often forced to operate on limited budgets.  Because most revenue is immediately used rather than invested in long-term resources, structural shortcomings arise out of these budget constraints.  One of these shortcomings is the inability to afford financial expertise at the executive level.  Basically, nonprofits often suffer from the top down, because their executive directors cannot provide the necessary financial support.Money and Growth

What are some characteristics of a successful executive director?  Google lists of traits, and they will all boil down to enthusiasm for organizational goals, good communications skills, motivational skills, the ability to strategize, and financial acumen.  The absence of any one of these traits could cripple an organization; yet, financial savviness seems to hold a greater slice of the pie.  Simply put, you can’t compensate for what you can’t afford.  Too often, nonprofit executives stretch themselves thin “handling” finances without the knowledge or experience to effectively do so.  Because they can neither afford training nor outside expertise, they find themselves misinterpreting data and making decisions that negatively affect the organization’s purse.

Of course, it isn’t necessary for an executive to have any financial expertise.  (In fact, executives who lack understanding and conviction for the goals at hand are less than desirable to organizations that aim to have a local – even global – impact.)  However, it is important that the executive have a plan to make such expertise easily accessible and to rely upon it.  When orchestrating a game plan, executives should keep three tips in mind:

First, give your passion and your pocketbook equal attention.  (After all, an organization cannot further goals that it cannot afford to promote.)  Focus your energy on selecting staff members who can actually further the organization’s vision.  Nonprofits naturally attract passionate people, and while it’s important to pack your organization with goal-driven individuals, it is more important for those individuals to understand and develop strategies necessary to achieve those goals.  It’s not always affordable to bring in financial experts to bookkeep or interpret audit data.  However, it is possible to model the qualities of an organization that can afford such experts.  Hire staff with backgrounds in finance management.  Rather than stretching yourself thin by struggling to complete tasks you’re not qualified to do, distribute the responsibility among employees who can see your blind spots.

Second, your board should consist of individuals who actively serve.  While it is tempting to surround yourself with fundraising aficionados or folks with strong community influence, it is important to surround yourself with individuals who offer more than the appearance of power.  Your board is a reflection of your organization, so you want to build a well-rounded group of individuals who can effectuate its goals.  Build a board with strong financially-geared minds, enthusiastic individuals, and people who are willing to roll up their sleeves and take on the not-so-lovely “staff” tasks that come their way.  Although board members hold a higher rank, a servant’s heart holds a value all its own.

Third, “know when to hold em’ and know when to fold ‘em.”  Executives could circumvent a number of financial challenges by not jumping at every deal that pops up.  Cheap (or free) isn’t always better, and it’s important to know when to accept a bargain and when to reject it.  Consult with more financially savvy staff or board members before investing in resources – particularly cheap ones.  While the price tag looks attractive in the beginning, there may be long-term costs that make them prohibitively expensive in the long run.   Sometimes, donations and volunteers are best left declined, particularly when there is no plan to replace them once they’ve diminished.

There’s no room for excuses in leadership, only responsibility.  Don’t make your budget your excuse.

Bexley Law Firm, LLC
http://www.bexleylawfirm.com

About the Author:  Brittany Robinett is a rising third-year law student at the Georgia State University College of Law.