More often than not, they didn't get away with it. Armed with forensic computer analysis--namely, the USB port registry--managers confronted these employees during the exit interview.

What gives managers the right to pursue legal action or at least ask for those incriminating thumb drives back? The answer: a smorgasbord of protective polices with employees' signatures on them, including the confidentiality non-disclosure policy, the ethics policy, the conflict of interest policy, the authorized use of computers policy.

"The BYOD fact pattern isn't that dramatically different, and policies can be written to provide that type of protection for the employer," says Brent Cossrow, partner at Fisher and Phillips, a law firm specializing in labor and employment law.

He adds: "Given the business interest that could be in jeopardy, there are employers who would take a look at how their computers were used in a certain time period. If a BYOD policy was written in a certain way, it could provide support for that examination."