In May, a Californian woman sued her employer for firing her. Termination lawsuits are nothing new, but this one broke new ground. Myrna Arias of Bakersfield, Calif., who worked in sales for money transfer company Intermex, says she’s fighting back because her termination was retaliation for deleting a company-mandated location-tracking app, Xora, from her smartphone. Arias claims Intermex illegally used the app, which tracks mileage and employee hours among other workday details, to snoop on her after hours. The suit asks for $500,000 for violation of privacy with an unspecified amount for suffering to be decided at a later date.
When news of this first hit, I found myself sitting on the fence, at least initially. If the invasion of privacy claims are true, Arias has a right to be upset, of course. On the other hand, companies have a right to monitor employees’ performance using the latest mobile technology, as long as they don’t overstep legal bounds. According to Arias, her boss did in fact abuse his technological access to her personal life – he bragged about knowing her whereabouts and how fast she drove on the weekends – and then fired her for complaining about the intrusion.
Unfortunately, as more of us use our own smartphones for work, more privacy situations are likely to crop up, even if most are cases in which there are no obvious bad actors. The adoption of BYOD, especially in small businesses, has seen a substantial uptick. According to industry analysts, at least three-quarters of organizations either already have BYOD employees or plan to allow them. IT departments unprepared to manage this onslaught of personal devices will struggle. Without proper policies in place, companies have:
- No visibility into what employees are saving to their mobile device
- No control over what is being shared outside of the corporate workspace
- No corporate data protection if a device is lost or stolen
- No simple, clear way of sorting through personal or business use
- No line of sight over possible employee theft or conflicts of interest
Organizations are not the only ones nervous about their data, as the Arias case proves. Even without clear evidence of snooping, most of us have wondered about our IT-managed personal phones:
- Are “they” watching what I’m posting on Facebook, Twitter and Instagram?
- Can they read my texts about what my friends and I did in Vegas over the weekend (and know why I called in sick on Monday)?
- Can they listen to private phone conversations?
BlackBerry Balance is designed to help alleviate security worries on both sides. Balance, which comes built into all new BlackBerry smartphones equipped with the BB 10 operating system, splits a phone’s interface into separate work and personal containers. Corporate apps live in the work space and the user’s own apps reside in the personal space, with each side having its own file system, communication channels and wallpaper to boot. The personal space launches by default, letting employees use their phone for all their usual personal and social activities. When they need to perform a work task, they simply tap on the Work tab to gain access to all the company apps, email, contracts, documents, calendar and other data. Balance blocks any attempt to copy and paste work data into personal apps – so no accidental tweets about private corporate strategies.
If your company needs to securely manage BYOD phones as well as BlackBerry devices, a version of Balance called Secure Work Space is available for iOS and Android phones. Companies can install, manage and protect apps from third-party vendors in the work space, while employees can install personal apps and entertainment in the personal space of their iOS or Android phone. Administrators can manage all Balance- and Secure Work Space-equipped smartphones from one convenient console.
But back to an employee’s right to smartphone data privacy. What should company policy be? With Balance, Arias would have been prevented from deleting the Xora app in the first place, but that wouldn’t have necessarily been the right outcome. A prudent organization will respect the phone user’s personal life and personal phone space; what the employee installs or does on the personal side of Balance should be safe and private, and these rules should be set out in a clear set of usage policies. That way everyone involved, users and IT alike, will know what is expected and what lines the company will not cross.
If employees want to delete a company app for their own peace of mind, perhaps some serious consideration should be given to revisiting that app. A secure solution should offer a sense of trust and confidence, not the feeling that Big Brother is watching your every move. There is a time and a place for both work and home. BlackBerry Balance and BES12 make it a lot easier for both you and your employees to keep them separate.
To learn more about the latest mobile security threats for both employees and employers, their impact, and how BlackBerry is staying ahead of them, tune-in to this Thursday’s BlackBerry Security Summit. Get all the details here.