Corporate Mobile Device Policies Best Practices

By Josh Markarian | August 9, 2019 |

The convenience and functionality of mobile phones, tablets, and laptops enable our content hungry lives. Each year, we become more dependent on constant use of mobile devices to keep up with our professional and personal lives.  Mobile technology is so ingrained in our daily life, we use it to shop, email, search the web, navigate, take pictures, engage in social media, and of course call/text our friends and family.  We rarely consider how this information could affect electronic discovery and litigation.

The rush to put the world at our fingertips has ignored potential risks this increased connectivity might cause in the world of litigation discovery. Forensic collection and e-discovery continues to be complicated as a result of personal devices in the workplace. Mobile device technology might be on the cutting edge, but the legal industry is constantly evolving to catch up.

From a security and liability standpoint, mobile devices in the workplace can seem like a no-win scenario. To reduce costs, many companies choose a BYOD (Bring Your Own Device) policy. This route can expose these companies to the security risks of unsecured and unmonitored devices in close proximity to sensitive company data. Using personal devices for, or at work, exposes employees to the risk of their phones’ contents being reviewed during document review. More often than not, the freedom and comfort or your personal device is not offset by this level of privacy intrusion.

As more companies start to implement BYOD policies, their will also be a rise in the challenges when trying to gather data from employee devices. When it comes to types of discover-able data from a mobile device it can include any of the below:

Phone Logs, Email, Texts, GPS, Photos, Videos, Browsing History, App History, Search History, Calendar, Contacts and much more.

Other companies choose the COPE (Company Owned, Personally Enabled) policy option, and provide phones to their employees. The greater control over the devices reduces the security risk, but creates other problems when employees use the devices to post to social media, sync personal email accounts, and engage in offensive communication not in line with company views.

Information governance needs to be a priority when thinking about how to best handle personal devices in the workplace in order to reduce confusion in electronic discovery. Moreover, the concept of BYOD leaves the question of how to know which and how many devices might have accessed the corporate network.

Here are a few of the most comment problems encountered with mobile discovery:

Limited access to devices

Increase in the number of new devices and types of encryption out there

Increased BYOD privacy and security on devices.

Cell phone carriers don’t hold data for that long

Posted in Blog Posts, eDiscovery and tagged , , ,

Leave a Comment

You must be logged in to post a comment.