If you even have one, the odds are good that your policy on employee use of cellphones at work is out-of-date. Smartphone technology has simply changed too quickly for manyto keep up. Devices that just a few years ago could only facilitate garbled phone calls now transmit data globally at the speed of light.
Lost or stolen smartphones can pose a serious risk to your trade secrets and confidential information. That’s true whether the phones are company-issued or belong to employees.
Employers that give phones to employees obviously may exercise greater control over their use. Employers should make it clear that employees have no expectation of privacy when using an employer-issued phone. The same is true of communications on networks you pay for.
But some employees may also use their own smartphones to store and transmitting company data. That makes enforcing your smartphone policy trickier. However, you can take action to protect your data and limit employer liability.
Start by crafting an agreement that employees must sign. Require employees to report lost or stolen phones as soon as possible.
Insist that employees have all appropriate IT protections in place to protect company data. This includes encryption, password protection, automatic lockdown after a period of inactivity, automatic deletion after several failed log-in attempts and anti-virus protection.
Require employees’ permission to execute a “kill” command should the phone be lost or stolen. That enables you to disable the phone, making it more difficult for proprietary information to fall into the wrong hands. Most cellphone carriers provide this service. Include language that holds the company harmless for employee data (such as photos, texts and contact lists) that may be destroyed when the phone is disabled.
Finally, include a clause that allows you to remove all company data from employee phones when they are terminated or resign.