This month he addresses how discovery requests can extend to personal computers owned by employees in “Discovery of Employee-Owned Computer Equipment.” This is a scary thought, but technology today allows you to work from anywhere, and employees regularly use personal home computers to finish working on documents or access work e-mail accounts.
Conrad does a good of job of describing the difference between employees using remote access and storing documents locally.
“Citrix or Remote Desktop connections turn a computer into a glorified terminal, with all actual work performed on workststations or virtual machines at the company.”
But sometimes, as Conrad points out, employees will download copies of documents and other corporate materials to a USB memory key to take home with them so they can work on a file on their personal computer.
Conrad offers the solution:
“One way to minimize the potential relevance of employee-owned computers in discovery is to develop and enforce policies that discourage using personal equipment to access corporate information.”
This may be an extreme solution, but it properly highlights the difficult line between freedom to work from anywhere, and the necessary level of security for properly supervising a company’s information. It’s a difficult line to straddle, but companies must address the issue each in their own way to effectively manage their risks.
Link to column.