• Tech

    Beware of Bring Your Own Device

    By | February 3, 2016

    naked-smart-phone-addiction-dependency-confession-ecards-someecards-300x167.pngI woke up in shock on my first day of freedom after leaving my Big 4 job. I leaned toward my nightstand to check the time on my iPhone. Wait, what?! My phone had been wiped. Panic set in first. When did I last back it up?

    Then reality hit me like a sledgehammer. I vaguely remember signing a Bring Your Own Device (BYOD) agreement granting my former employer the authority to remove all of the corporate files from my personal phone. “Appears reasonable,” I thought.

    Little did I know, that “remove all corporate files” involved a remote factory reset! A little advance warning would have been helpful. What’s worse, my backup file was corrupt and the restore failed.

    To make a long story short, recovering my phone’s personal data required a tearful appointment with Apple. Cue the world’s smallest violin.

    Fast forward to now. BYOD is becoming extremely common as companies embrace the consumerization of IT. According to analysts, preventing employees from using their own devices is futile and even damaging

    However, it’s not all sunshine and roses. Here’s the crash course in the benefits and risks of BYOD:

    Benefits

    • Companies typically see increases in productivity from improvements in workflow efficiency and shorter response times. Plus, calendar sync might protect you from the classic “Oh, we had a meeting?” syndrome.
    • An enterprise can reduce technology costs on the employee’s dime by piggybacking onto their devices. And, employees are excited about it. (Counterintuitive, don’t you think?) However, it could also mean fewer tech dinosaurs.
    • Personnel have fewer devices to lug around. Anything to save us from this fashion emergency.
    • Employees have more flexibility and the ability to work from anywhere. Namely it is easier for employees to do work after hours. You guessed it. Work-life balance is doomed. Oh wait. I forgot. It’s been dubbed work-life blend now. I wonder why.

    Risks

    • Companies must be willing to accept the risk of information leaks. If loose lips weren't worry enough, now companies have to worry about people losing their phones.
    • Device diversity may give IT staff a headache. KitKat, lollipop, marshmallow… ain't nobody got time for that.
    • Weak security on personal devices may give intruders an easy target. “Wait, but my phone has a 4-digit PIN and uses my thumbprint! It’s totally safe right?” That’s a big fat no as demonstrated by this brute force attack.

    For companies to keep their noses clean and prevent BYOD from “just happening,” enterprise mobile device management (MDM) shouldn’t be taken lightly. It might be best to call in reinforcements. Thank goodness there are a few companies that specialize in MDM tools and solutions. For instance, MobileIron is capable of “providing secure corporate email, automatic device configuration, certificate-based security, and selective wipe of enterprise data for both corporate and user-owned devices.” Keyword: selective. After my experience in 2012, it’s about darn time.

    Do you have any equally traumatizing BOYD stories or want to laugh at me for crying about my iPhone? Go ahead in the comments!

    Image: Someecards
     

    • PwCASSociate

      I’ve never participated in BYOD as a corporate professional. I know my current employer does data analyses over everything typed in internal chat clients and e-mail. I wouldn’t put it past them to monitor our phones as well. One of our seniors at PwC kept trying to get staff to download some location app which would tell him where we were at any point in time (prick). Having a phone which could not do this was a huge asset for the week I worked on his job before calling him an asshole and storming out. After that, my corporate blackberry was viewed as a blessing.

      • Sammy K

        “One of our seniors at PwC kept trying to get staff to download some location app which would tell him where we were at any point in time (prick).”

        -This is a violation of a handful of PwC policies. You should discuss the issue with HR and/or a partner.

        • PwCASSociate

          This was 6 1/2 years ago. Neither him or I have worked at the firm for about 4 1/2. Moot point now but I probably should have at the time.

          • Another exKPMGer

            No, you should have beat his ass with bars of soap in a tube sock.

        • Sure thing…Narc.

          -_-

          • Sammy K

            Oh yes, being harassed by a superior to install software to track your physical location and then telling HR about it makes you a narc. What a fucking stupid thing to say. You probably were the senior who is so desperate for friends that you make associates have trackers so you know where they are. What a fucking psycho.

            • N.E.R.D.

              Narc.

            • Sammy K

              LOL. What a bitch.

            • N.E.R.D.

              At least I’m not a Narc.

              Don’t you have some people to rat on to HR or something?

            • Sammy K

              You take it like a bitch? Is that what you are telling us? I’m sure you would make a great employee someday – a manager could totally walk all over you.

            • N.E.R.D.

              Small people call others bitches all the time. It doesn’t phase me.

              Last time you thought I was a manager, now you think I’m unemployed. Keep shooting from the hip.

              I love watching you try to be tough on the internet.

            • Thanks for joining in on the trolling N.E.R.D. I needed something to take my mind of this annual report we’re supposed to issue.

              Good lulz. Sammy is a total Narc.

            • Sammy K

              I didn’t say you are a bitch, I said you take it like a bitch.

            • N.E.R.D.

              “I didn’t say you are a bitch, I said you take it like a bitch.”

              “LOL. What a bitch.” [email protected]_61HBhPxjaF:disqus

              Higher up in the string.

            • I’m sure you’d make a great narc…narc.

            • Sammy K

              How do you know?

            • Quixote’s BFF

              Sammy K = AaronBalake

            • Sammy K

              LOL. I’m not even sure who that is. Should I?

            • Mose Schrute

              If you don’t know, now you know…

            • O_o

              Obvious narc is obvious. You gonna go to HR and tell them about this brah?

            • Sammy K

              “brah”

              haha what tool says “brah”

            • Cool people like me brah. You can tell HR I called you uncool.

            • Sammy K

              okay bro brah. lmfao

            • Reasonable Assurance’s Broseph

              Yeah we do! Although I prefer Reasonable Assurance!

        • FormerBig4

          Snitches get stitches.

          • Sammy K

            You sound so brave. When the Big Four hire do they look for the biggest pussies alive?

            • Quixote’s BFF

              They found you, amiright?

    • iamthelolrus

      I have two phones and am pretty happy with that decision. Sure it’s an extra $50 a month out of my pocket but I don’t have to have my work phone on me when I’m blackout drunk

    • Another exKPMGer

      If you bring your own device, could they fire you for watching porn in the can during your lunch break as long as you’re not on the company wifi? I’m assuming they’d have the ability to know you’re searching “Kissing Coeds Caught by Pool Boy” but can they really say anything about it? On another note I keep waiting for an article about how an office hooked a Chromecast to the TV in the lobby and someone remote casts some 80’s big hair porn to it in the middle of the day.

      • Mose Schrute

        We need The Horniest Partner to chime in on this…

    • LikeABoss

      fuck that noise. anyone that wants to get a hold of me that bad can pay for a separate phone that i can leave in my desk drawer when i leave the office in the middle of the night for a few hours of sleep.

    • JessterCPA

      I wrote my office’s BYOD policy. Pretty straightforward. We don’t force anyone into it, but if you don’t agree, you can’t access your company email on the mobile device.

      • Missing Donut

        Sounds like a win-win for the employee.

        • JessterCPA

          It is…and it should be. That’s how you get buy-in from your staff.

          Demonic BYOD policies are written by bad IT people and clueless Partners, both of whom want access to your device to snoop and find out how much work they think you aren’t doing.

    • N.E.R.D.

      I don’t like to give the firm a way to contact me.

      I did at my first job, and I got called at 11PM on Friday from a senior about a project I worked on and whether it was ready to review by the following morning. I was high AF and trying to play it cool, but I was struggling trying to figure out what he was talking about for a good 10 minutes (I didn’t even know who he was for the first few minutes!).

      Never again.

      • This happened to me once as well. Killed my high.

        • Quixote’s BFF

          Don’t harsh my Bro’s mellow…

      • magic man

        I’m so glad to know this happened to someone else

    • Another ExPwCer Now McGer

      You have to make sure to port your number out to a personal account before you leave the firm in order for them to not remote wipe it after the fact. My new firm employer doesn’t pay for phone below manager(next year). I have the ability to use outlook lite it via a webpage on my phone, but rarely check it. After I leave for the day, I am done and don’t plan on responding after that point. It is actually kind of nice instead of expected responses at 11pm and 5am at PwC for every email going right to your phone.

    • bsant

      My phone just got wiped a couple weeks ago.
      And I was a partner at the firm. Got into a huge fight with the managing partner and my phone was wiped while I was still in the office.
      There was no BYOD policy in place (small firm) and that will add to the lawsuit.

      • Another exKPMGer

        I’m sorry for your loss, but that’s an awesome move of the most dickish proportions. The managing partner should get a Douche of the Year (DOTY) Award for having your phone wiped while you were still there. If I were you I’d settle for having him knee-capped instead of fucking around in court for the next year.

        • iamthelolrus

          Cell phone discussions apparently bring out the violence in Another exKPMGer

    • KM

      I’ve MacGyver’d a workaround for my firm’s BYOD policy. I’ve set outlook to a text me if I receive an email addressed to specifically me. The text includes the sender and the subject. If I want to check the email, I log into the Office365 web portal, for which I’ve created a shortcut. So no company snooping apps and no company admin/wipe control over my phone.

    • BYOD policy for employees, just don’t talk about this. Your story was pretty funniest.

    • Satish Shetty

      Using a advanced MDM/EMM software such as Codeproof, Airwatch..etc, Admin doesn’t need to remotely wipe the entire phone. He/She can delete only confidential data by doing a selective Wipe. Removing installed apps, Removing WiFi, Removing company emails, deleting documents..etc.

      • N.E.R.D.

        This is probably the only on topic comment here.

        Unfortunately most accounting firms will not adopt advanced MDM/EMM software; they’re going to adopt the cheapest. I don’t think that firms really care if they wipe your entire phone or not, they just want to make sure you don’t have access to anything confidential or damaging once you leave.

        • N.E.R.D.

          My point is that accounting firms are very much behind the curve on these kinds of things. That and they don’t care about how much they inconvenience their ex-employees.

    • My bug bear has been “can we have your (private) mobile number?” You amicably agree then suddenly you receive calls about work matters and in the extreme, tellings off about late deliverables and work you should and haven’t done!

    • FartDude

      I had authorized my employer to do a remote wipe on my device when I set up email on it. When I knew I was quitting, I acted first.

      Took email off my phone, tracked down all the software the firm installed in the background, etc.

      Come remote wipe time, nothing happened. Beat the system.