The interesting thing about using personal devices for work is personal liability. Have you ever considered what happens if your company is embroiled in some sort of litigation, regulatory investigation, or suspected criminal activity, and undergoes discovery of evidence? If law enforcement or counsel suspects that you or your devices are harboring relevant data, then your devices could be seized, imaged, held as evidence, and possibly never returned to you, certainly not in one piece.

So if you're mingling your personal data along with any sort of company data, or data that belongs to an organization that's outside your family unit, and said data is physically inseparable, then prepare to lose big in the future. You'll kiss all your backups goodbye, no matter where they're stored or how you've encrypted them.

Of course this may also apply if you've got a company-provided device (COPE) or one running MDM, and it's stolen or lost. When you report back to the company that their data's in the wind, they're going to remote-wipe and remote-brick that device, so again, kiss your personal data bye-bye.

Best practice going forward is to purchase separate devices (especially mass storage) for each individual purpose and meticulously separate out company data from personal stuff.

It never pays to mingle business with pleasure, or business with personal, and I think this liability issue is something that's a well-kept secret by companies who wish to encourage workers to BYOD and downplay the repercussions, although rare, that could put those workers into a world of hurt.