The Federal Employees’ Guide to BYOD
Bring-your-own-device (BYOD) programs are popping up in many federal agencies. The Equal Employment Opportunity Commission, a small agency in comparison to the General Services Administration and the Defense Department, has been leading the way in BYOD. Kimberly Hancher, the EEOC’s chief information officer, found that 75 percent of her agency’s BlackBerrys were never used to make phone calls and the agency is on track to reduce mobility costs by 50 percent in FY 2013.
Other agencies have taken notice. Several, including the Agriculture Department and the Nuclear Regulatory Commission, are running pilots. Agencies are considering how to manage personal devices in the workplace in terms of both software and policy. IT departments will need some control over mobile devices if employees are accessing agency data. Ultimately, the responsibility for each device lies with the owner. In the case of BYOD, that’s you. Here are a few things federal employees should keep in mind if their agency is moving to a BYOD program:
What are the trade-offs?
BYOD can be a win-win arrangement: Agencies no longer have to use their shrinking budgets on BlackBerrys or other smartphones, and employees don’t need to carry two devices. In addition, employees may accomplish more: A recent survey by the Mobile Work Exchange showed that federal workers gain nine hours of productivity each week because of mobile devices. Your agency might even give you a stipend to cover the cost of your data plan.
However, there are definitely trade-offs when you use your own device for work. First, your agency’s IT team will need some access to your device, probably via mobile device management (MDM) software. Each MDM application is different, and there are myriad configurations, but it will have some control over your device and the data stored on it. The trade-off for agencies is that they have less control over their data than they did when everyone used government-owned devices.
Know your limits.
If you formally opt in to a BYOD program, make sure you understand what you can and cannot do on your device. For example, being part of a BYOD program doesn’t necessarily allow sending work emails with a personal email address. Your IT department will explain how to access tools such as email and calendars without breaching security protocols. It’s also possible that you will be blocked from certain websites while on your office network. Don’t try to circumvent the IT team to access the apps and websites you use outside of work.
Understand when and where you can access agency data.
On the flip side, you need to be aware of the consequences of accessing government data on a personal device outside of work. It’s likely that you will be asked not to store sensitive information on your mobile device, so that the data can’t be accessed without proper authentication. If you have any hesitation about how to handle your applications, email or documents on your mobile device when outside the office, ask your IT team for help.
Remote wiping is very real.
Some IT departments have the ability to remotely wipe (i.e., completely erase all data) personal mobile devices. In the process, government data is removed, but so is personal data, including all photos, contacts and music you’ve stored on the device. It’s always wise to back up your personal data — but take heed: If you participate in your agency’s BYOD program, and your device is lost or stolen, the IT team may wipe it clean.
In general, you should educate yourself about your organization’s BYOD policy. Every agency is taking a slightly different approach, so if you are participating in a pilot or a full-blown BYOD program, your IT team will have the information you need.