Does MDM Threaten Employee Privacy?

For years, the concept of bring your own device (BYOD) into the workplace has integrated into most offices. It’s hard to imagine a world where an office employee doesn’t pick up their personal phone or tablet to perform some needed task. But even the smallest of tasks can be damaging to an organization. Even the smallest misstep can have a disastrous impact.

Which is how Mobile Device Management (MDM) solutions were born.

But are they the right solution for your company?

MDM solutions can be scary for an employee. To install something that allows their employer to have complete visibility into their actions at the click of a button can leave them worrying about privacy issues. And once the solution is installed, there is little to indicate that monitoring is taking place. How do you ensure you are doing all you can to secure your company’s data without infringing on your employee’s privacy rights?

One of MDM’s biggest selling points is also the one thing ripe for abuse: the ability to monitor all incoming and outbound traffic. With an MDM solution, security can visibly see all emails, browser searches, personal information such as passwords, and more. This means if an employee uses a computer to do what they might consider to be personal activities, such as accessing personal health information, searching Amazon for a product, or viewing financial or political information, it could be held and used against them at some point in the future.

And it isn’t just what an employee accesses. It can also include what apps an employee downloads. While this may seem innocent, it gives an organization the ability to track what an employee does even in their personal time. It can lead to building a detailed profile of employee behavior. All of a sudden, an organization can see what sports teams a person follows, what dating sites they use regularly, or what news organization they access on a daily basis.

And because smart devices are attached to geotracking, MDM solutions can also be used to determine employee locations 24/7. This capability has the potential to record far more damaging information than merely finding a phone if it’s lost.

Employees expect freedom to use their phones and tablets as they see fit, especially during non-working hours. But do simple security measures such as PIN codes and disk encryption offer enough security to protect a company’s information?

What’s your policy on BYOD and MDM?

Leave a Reply