Implementing a Bring Your Own Device (BYOD) program sounds like a win for everyone: your employees get to use the device they already know and like, and your company is not having to purchase all of those devices. It turns out that a BYOD program, while overall beneficial, comes with some inherent risk.
Some of that risk is related to security. Your employees may be accessing unsecured Wi-Fi or leaving their devices logged in and unattended. They may download apps that aren’t approved.
There are also privacy concerns. You need to be able to monitor devices in order to keep your network safe, but your employees are entitled to know what types of information are being collected from their devices.
Just like the overall lines between work and personal lives, the lines are particularly blurry when it comes to a BYOD program. How do you develop a BYOD policy that allows for a secure program that is also satisfactory for employees? Here are five considerations to include in your planning:
Executive Buy-In: As with any company-wide program, you’ll want extensive support for your BYOD implementation. When your leadership is engaged in the decision-making, they will understand the need for certain tools, such as Mobile Device Management (MDM) solutions and the amount of time you’ll need to invest in creating your BYOD policy.
Develop a Security Policy: Your team will need to work through extensive security items, such as acceptable uses, program restrictions, user responsibilities and more. You’ll also have to determine what consequences will be in place in the event an employee violates any security policies.
Develop a Privacy Policy: Determine what you will need to monitor and clearly communicate it to your employees. If you will need access to applications that are for personal use, be straightforward about the necessity of accessing that app and how the information will be used. Design the consent forms you’ll require employees to sign for your BYOD policy.
Plan for Unusual Circumstances: How will you handle an employee that takes a leave of absence or is on maternity leave? You will need a policy to handle misconduct with a device, whether it occurs during office hours or off the clock. Determine what happens to a device when an employee resigns or is terminated.
Plan for Problems: This may be the most important consideration because you have to assume that there will be terminations, resignations, security breaches and privacy issues. It’s not that you hope for these things to happen, but you recognize the inevitable occurrences that are likely to happen and you mitigate that risk as much as possible.
If your company is considering moving to a BYOD program, contact us at Cloud Source. We will help you create an implementation plan, customized to fit your needs and mitigate risks.