BYOD and Regulatory Mandates: A Fine Waiting to Happen?

Paula Musich

Summary Bullets:

  • BYOD is bound to result in some big fines for organizations governed by regulatory privacy mandates.
  • Since it is only a matter of time before auditors catch up, IT should be proactive in putting effective policies, controls and end-user training in place.

As enterprise IT struggles to get its arms around BYOD policy creation and control over the growing number of employee-owned smartphones and tablets used to access critical applications and data, one of the big questions it has to address is how to ensure continued compliance with regulatory mandates such as PCI, HIPAA and state privacy regulations, as well as Dodd-Frank and more. A new survey of 3,500 IT leaders and tech professionals conducted in June found that half the respondents think at least 25% of sensitive data is made vulnerable because employees access it using those personal devices. The TEKsystems study also found that 35% of the IT leaders it surveyed are not sure their BYOD policies are compliant with those data privacy mandates.