CHICAGO (MarketWatch) — In what’s referred to as BYOD, or “bring you own device,” companies are allowing employees access to corporate emails, calendars and other company files on their personal phones and tablets.

But what employees might not know is that they give up a lot of privacy with that privilege: The company can see everything on your personal device. What’s more, the company can wipe it all out if you leave or if the device is lost or stolen. It can also remotely turn on the camera to find it.

A woman looks at her iPad tablet after the Emporio Armani Spring/Summer 2013 collection at Milan Fashion Week. Reuters

“You get access to corporate resources such as mail, and an IT manager gets access to your device,” said Jonathan Dale, director of marketing at Fiberlink, which creates management solutions for mobile devices in the workplace.

Think of BYOD as the junction between your personal and work lives. As smartphones have evolved from a business device to a consumer one, users find themselves returning work-related emails at midnight or responding to Twitter service complaints from home.

“BYOD is actually blurring the line separating business devices from consumer devices,” said Nitin Bhas, a senior analyst at Juniper Research. “This consumerization of business devices reflects the change in consumer attitudes toward bringing in their own devices to the work place.”

And that’s expected to explode as more smartphones permeate the marketplace and younger users move into the workplace. Juniper predicts that the number of employee-owned smartphones and tablets in the workplace will swell to 350 million in 2014 from nearly 150 million this year.

At this point, however, allowing you to use your iPad to send reports, set meetings and create documents is still something of a conundrum for many companies. Allowing employees to access corporate email and their calendars through a personal iPhone, Android or Blackberry drives productivity and customer service. But doing so also opens the company to corporate espionage, security breaches and a handful of legal challenges.

“BYOD is an inevitable trend today, but from the security point of view, it is considered an insecure policy (that) could damage a company’s reputation and business,” Bhas said.

Use of personal mobile devices soars

Nearly 70% of North American companies support some form of mobile-device management, according to a recent Forrester Research study. However, only 8% support all personal devices.

But Forrester calls the tide of personal mobile devices in the workplace an “oncoming train,” underscoring the challenges companies face.

“The general trend is that more and more companies are embracing it as a standard practice across the company or as a limited experiment,” said Chenxi Wang, principal analyst at Forrester.

On company-owned devices, most understand that when you use the device you give up every shred of privacy attached to it, even emails or text messages that have been deleted.

What many will be surprised to learn is they give up all that and more on personal devices too that are connected to company systems.

In other words, your bosses can see what you did last weekend by looking at your photos or your text messages. They can also find out if you ditched work for a ball game by following your GPS record. Anything you do or install on that device is like an open diary to IT.

When you connect to your company’s email system, you are allowing your company to download mobile-device management software. That’s critical for companies because it allows you to get inside the firewall but lets them keep control of who else or what else — think malware and viruses — get in.

The software carries a profile that includes security protocols that may, for example, dictate the number of characters required for passwords and when a device will be locked out or wipe itself out after a certain number of failed attempts at inputting a password.

A blanket corporate policy is likely to tell you that when you consent to use your company’s systems you should not expect privacy or confidentiality in anything you create, download, display, store, send or receive.

At the same time, the policies allow the company to access, monitor, copy and/or disclose any and all information that is stored on any device tied to the company network.

“If your employer wants to locate where you are, they can do that,” said Phillip Redman, research vice president for Gartner, Inc., an information technology research and advisory company.

“It’s the same as if your child is not answering text messages you can see where the phone has been and find out where your child is,” he said. “It’s a good reason to have those capabilities but like anything they can also be abused.”

Employer security vs. employee privacy

No one is suggesting that corporations routinely or even scarcely exploit their snooping capabilities but workers are alarmed that they’re giving up so much privacy to get workplace email and calendars. In a recent Harris study, commissioned by Fiberlink, 82% of respondents considered their company’s ability to track them during on and off hours an invasion of their privacy.

Some 57% didn’t even know their company had the ability to remotely wipe out personal files like music, pictures and contacts.

It’s not surprising then that 76% of those polled said they would forgo corporate email if it meant their employers can see what apps are already fit on the device. And 75% said they would if their employer has the ability to locate them through GPS, wi-fi signal or cellular triangulation during work and nonwork hours.

There are plenty of good reasons that companies take such a strong stance: They have to protect their intellectual property and corporate secrets.

Most corporate policies will include language like this: to protect the company from “error, fraud, misuse, alteration, theft, copyright violation and sabotage.”

What’s missing, however, is complete transparency to users, Fiberlink’s Dale said. “In general we don’t see that a lot of companies are explicitly telling the users what they have access to.”

One solution would be for companies to implement privacy settings and policies that assure employees that what they do on a Friday night isn’t the subject around the water cooler on Monday morning.

Of course, most companies won’t be following your weekend antics or even tracking your sick-day activities because they simply don’t care.

“The IT department doesn’t necessarily want to snoop,” Redman said. “They want to respect the privacy of their employees and don’t want to use that information for their benefit.”

How to protect yourself

If you are using your phone for both personal and work issue, here’s a rundown of what you should know:

By consenting to the mobile-device management software, your company can see all your apps, photos, text messages, tweets, contacts, GPS records and Internet activity. It knows what music and games you’ve downloaded and what meetings or parties you plan to attend.

It can remotely turn on your camera or wipe out the phone — every single thing on it — if it’s lost or stolen.

In some workplaces, such as extremely sensitive research labs, the software may automatically shut down cameras and recording mechanisms when you walk near the room.

While the company can track where you went, both physically and on the Internet, it cannot track how much time you spent on Facebook or Words With Friends.

Some software can segregate personal uses from business uses and erase only corporate information, leaving your photos, apps and contacts in place. But it’s very limited at this point, so be sure you know if it applies to your device.

Be sure to back up every little thing you want to keep should something happen to the device, a rule of thumb you should follow even if you don’t connect to your company’s system.

A future generation of smartphones and tablets could very well include screens to split your personal from you work uses, so watch for them.

Understand the consequences of installing the software and remember that you do have a choice. If you’ve already connected and don’t know your company’s policy, ask human resources for the information.

“You have to educate yourself on the risk of having the company manage you device, even if they only manage it very slightly,” Forrester’s Wang said. “Understand what the worst-case scenario is to see if that’s something that is acceptable to you.”