IT’s efforts to protect information security can cause other problems. Mimecast CEO Peter Bauer lost a whole gallery of irreplaceable family photos and other personal information thanks to a BYOD policy he helped create. His daughter tried to open his smartphone. She tried to guess the phone’s PIN, and after five attempts, the phone was automatically and irretrievably wiped, in accordance with the company’s policy.

The lesson: IT departments should make sure they balance security with as much protection for users’ privacy and personal data as possible. Whatever controls and policies are in place, it’s important users are informed and sign off on a form acknowledging they understand what the company might do with their personal device.

Massachusetts Eye and Ear Associates, Inc., paid $1.5 million for violation of the Health Insurance Portability and Accountability Act (HIPAA). A doctor’s personal laptop was stolen. The unencrypted machine was loaded with sensitive information about patients.

The lesson: Companies should require all devices used for work to use encryption, password-protection, remote wipe, and other security features.



The Security Awareness Company
