Implementing a BYOD Policy in the Workplace

BYOD

The BYOD policy, otherwise known as Bring Your Own Device, is a policy that became popular in 2012.  The policy has been shown to be a productivity booster among most who institute it, however there are several things that any business needs to take into consideration in regards to mobile device management and data security when adopting this practice.

First, allowing an employee to use their own devices does cut down on the costs associated with maintaining company hardware, but can also leave you vulnerable in regards to sensitive information.  Be sure that what can and cannot be access while on any company connections, along with the associated security policies are clearly outlined to all employees.

Second, be sure that there are steps in place when someone leaves the company.  You will need to have a simple and streamlined way to remove all company data and apps from any personal devices before the employee leaves for good.

Third, from a legal standpoint, ownership of company policies, information and apps associated with the employee’s position need to be clearly defined.  For instance, should someone use their personal tablet on the company’s VPN connection to compose a presentation needed for a meeting, it needs to be clear that the information presented therein is the sole property of the company, should anything unforeseen happen and the information wind up in the incorrect hands.

Fourth, be sure to do a clear and concise inventory of your system tools and their limitations so that you can convey what devices you can seamlessly handle.  If your software works perfectly on Apple devices but is not yet ready for Android devices, this is something that you should let your employees know before they bring in that Samsung tablet running Ice Cream Sandwich.

Fifth, most companies employ the same procedures when a personal device is compromised as they would when a company-owned device is compromised: They perform a data wipe to remove all traces of the issue. The problem with this is that since the device belongs to the employee, you are also wiping any personal data that they employee may have stored on the device. In order to assure that all employees are aware of the risk, have all employees taking advantage of the Bring Your Own Device policy sign a waiver stating that they are aware that should their device become compromised, they are aware that they will lose any and all data on it, including personal data.

The BYOD policy has been proven to increase productivity, as well as attract better and more qualified candidates. More and more candidates are looking for the flexibility that the BYOD policy provides in a corporate environment, so use the policy to your advantage in both hiring new talent and retaining the talent that you already have. Just be sure to research and cover all bases when implementing, to be sure that your company and employees are as safe and secure as possible.