Protect Your Corporate Data on Employee-owned Devices

October 20, 2016 | Post by Jeff Hickey | 1 Comments
ITAD service provider

The iPhone 7 launch and Galaxy recall — and what they mean to your BYOD strategy

Your leading account executive, Anna, uses her personal smartphone for work. She emails contracts to your clients and keeps their personal cell phone numbers in her contacts. With the release of the new iPhone 7, Anna has upgraded her phone and has sold her older phone online.

However, Anna’s phone was not properly wiped. A buyer got ahold of it and unlocked the contacts, sensitive emails and documents. Some of your company’s mission-critical data was leaked.

While this may seem like a horror story just in time for Halloween, too often this is a real risk for organizations such as your own. Here are three tips to help protect your organization from losing sensitive corporate data as a result of bring your own device (BYOD) policies.

Tip No. 1: Put data protection rules in your BYOD policy

BYOD policies should go beyond the network and infrastructure aspects of security. Not only should your employees understand from your BYOD policy that you own whatever corporate information is stored on their device, but also they need to realize you have the right to wipe their used device clean. This will give you some assurance that an employee can’t leave your company with your vital data.

Tip No. 2: Arrange buy-back plans or other ways for employees to return old devices

In the fall of 2016, millions of new mobile devices will be flooding the market with the release of the iPhone 7. On top of that, millions of people will also be purchasing new phones due to the recent recall of the Samsung Galaxy Note 7 smartphones. As a result, people worldwide will be selling, trading in and disposing of their older devices.

Have you considered what will happen to your corporate data if it lives on your employees’ personal devices and isn’t fully wiped before it leaves their possession? A buy-back plan, where you offer a cash back deal per value of a used phone, is a smart way to help ensure that you get the old phones back to have them properly wiped clean yourself. Another way might be by pledging to donate returned, old phones to a charitable cause.

Tip No. 3: Work directly with your ITAD service provider to wipe data and re-sell phones

What if you offered the services of your IT Asset Disposition (ITAD) partner directly to your employees? The partner would work to retrieve the old devices from your employees, who could still receive cash from your organization under a buy-back plan. Your company gets the added confidence that the data has been wiped with the same care and standards that it expects for all of its other IT assets.

Prevent the risk of data leakage by working with your ITAD partner

If you have a BYOD policy in your workplace, device disposal and remarketing will be an issue for your employees at some point. By working with your ITAD service provider, you can ensure all employee devices including phones, PCs, laptops and tablets go through the same diligent process that your other used assets do, thus protecting one of your most valuable properties — your corporate data.

Do you have this area covered under your BYOD policy? Share how it is working for you in our comments section.

The content and opinions posted on this blog and any corresponding comments are the personal opinions of the original authors, not those of CompuCom.

  • Jeff Hickey's picture

    Jeff Hickey

    Jeff Hickey is a Supply Chain Program Management Director who is responsible for CompuCom’s IT Asset Disposition (ITAD) Services offering at CompuCom.


Interesting article. It seems that we are guilty as a company as well. We don't have a return policy for corporate managed phones, nor a buy back program for those phones on stipend. If we do, it's not advertised. The move to BYOD is an overall cost savings, but with a loss of control over the security of these devices.

Add new comment


[x] Close

Sign Up for Email