GovBytes: Do you use your personal tech devices for work purposes?

An article and video in GovTech asked state CIOs at the NASCIO conference what their policies were on allowing employees to use personal devices for work.

“Instituting so-called ‘bring your own device’ policies may make economic sense for cash-strapped public agencies, and they’ll certainly make users happy.”

But in terms of security, some CIOs stated that personal devices may not be the best option. But with more agencies allowing flexibility and telework, is using personal devices a good decision? Some said yes, some said no.

The opinions captured in the short video were quite varied. I really think that Nebraska illustrates its policy best, when State CIO, Brenda Decker, says that if company information or documents are stored on a computer, and it is used for work purposes, then under state law it is discoverable and can be confiscated should a situation arise that warrants such action.

What do you think about government employees being able to use their personal computing devices at work? Should personal laptops and tablets be allowed in the work place? What recommendations would you have for agencies that want to implement such a policy?

Do You Use a Personal iPad at Work?


***************************************************************************************************************************

“GovBytes” is a blog series created by GovLoop in partnership with Government Technology. If you see great a story on Gov Tech and want to ask a question around it, please send it to [email protected]

Leave a Comment

10 Comments

Leave a Reply

Profile Photo Will Saunders

I think security should be the least of people’s worry. If you decide to use your personal devices at work and for work, you give up privacy. People may not realize that doing so constitutes implied consent for your superiors to view your calendar, emails, photos, and sent/received calls and text messages. Just like your inbox and your files and records on your employer’s equipment is subject to inspection at any time, using your personal devices to conduct official business for your employer gives them the same inspection rights and you could end up relinguishing more privacy than you might want.

Reply
Profile Photo Dennis Snyder

Take a look at 31 USC 1301 which prohibits the Federal Government from exceeding its appropriated authority. If the Government didn’t buy or lease the property then it has no right to use said property. If an employee uses personal property in the execution of their official duties as a representative of the Federal Government then 31 USC 1301 has been violated. It gets messier if the employee stores restricted Federal data on personal equipment because the data owner must have ownership of the media the data is stored on. As you know, deleting a file doesn’t really delete it and the only sure method of removing Federal property from a hard drive is physical destruction. Who among us can afford to risk our personal devices without compensation?

I would guess most states have similar statutes, if not all.

Reply
Profile Photo Will Saunders

Dennis, you make great points. It reminds me of a crunch time at a government agency at which I was employed, and I worked a few extra hours during a pay period and didn’t file for comp time. I just wanted to get the job done. It was only about 6 extra hours, but I got scolded by my boss. I wasn’t allowed to work the extra hours without being compensated for it.That statute is rather ridiculous to me. A part of me understands the necessity for it, to prevent employees from being taken advantage of. But at the same time, employees ought to be able to volunteer their time or personal equipment if they understand the full magnitude of what they are doing and if they will be doing so freely and voluntarily and without coersion. Like all laws, there should be a middle ground and not simply black or while with no gray area in between.

Reply
Profile Photo Jonathan Folkers

Our agency has a strict “no government data on personal devices” policy that is only going to get more tight as government ID card mandates take hold. That said, we should begin to think of “devices” as software, not just hardware.

It’s quite possible to create a managed, encrypted enclave for government data on a personal device such as an iPad that doesn’t touch anything else on the device. This would allow agencies to control access or selectively destroy data without wiping out the rest of the machine’s configuration. Currently, this requires extra software and services, but moving from publicly-funded Blackberries to a hybrid of public and private devices with managed access to agency data could result in significant cost savings for the government.

Reply
Profile Photo Michael Kenneth Veh

I use my own smart phone because of restrictions on using the county issued Blackberry for personal calls, etc. I got tired of carrying two phones so I turned the Blackberry in. Using my own phone restricts some functions that I had through the county phone but, overall, the benefits greatly outweigh any costs. I also use my own personal computer to work on projects from home but, for the most part, what I do doesn’t require access to any secure or proprietary information.

Reply
Profile Photo Will Saunders

Yes David, it does. Your personal devices used for official business are no longer private, so any personal transactions/communications can be subject to disclosure.

Reply
Profile Photo John Westra

The Good News Is Cloud/Virtual Computing Now Makes It Possible to Uncouple HW, SW and Data !

Case law and policies haven’t caught up to the technology yet. As Jonathan Folkers mentioned, it is now “…quite possible to create a managed, encrypted enclave for government data on a personal device…”

Cloud Computing & Virtual desktops enable any “smart” device (PC,Laptop,Tablet, Smart Phone, etc.) to function much like a briefcase or automobile. They may hold and transport Government Agency knowledge, but remain the private property of the individual.

One REAL threat to the security of all GOV data is hardware that has been compromised at the point of manufacture. Do we really want to trust the Chinese to build the computers and cell phones we use for sensitive information?

Reply
Profile Photo Christina Morrison

Thanks for your post David. We actually just conducted a survey of GovLoop members on that exact topic: Do you use your personal computer for work, or vice versa? We’ll be coming out with the results shortly and I’ll be sure to post them here and on our “HP for Gov” page on GovLoop.

Reply
Profile Photo [email protected]

My government is looking at this right now. IS anyone aware of any policy work or research that is on govloop that has a listing of jurisdictions which have implemented such a policy?

Reply