The Seven Most Important Features of Any BYOD Policy

By Larry Alton March 27, 2017

Today’s world of mobile devices, tablets, and smartphones has introduced an interesting layer of complexity for IT departments in businesses everywhere. Employees often own and are familiar with their own technological devices, presenting both an opportunity and a challenge for employers—how can you control the use of these devices without eliminating them entirely?

The go-to solution is to create a custom bring-your-own-device (BYOD) policy, which outlines exactly how and why employees’ home devices may be used for work or for network applications.

While there’s no single “correct” way to design and implement a BYOD policy, there are some staple features you’ll need to include if you want to preserve your security and maximize your team’s efficiency.

Must-Haves for BYOD

These are some of the most important features of your BYOD policy:

1. Mobile device management (MDM) software. As System ID explains, MDM software “is an IT security application solution where the company can manage, monitor and secure devices that access the company’s network applications.” If you’re going to have multiple mobile devices on your network at any point in time, it’s good to know who’s using what—and how they’re using it. It’s a good way to enforce the policies you set and keep a closer eye on any unauthorized activity to prevent security breaches before they happen.

2. Device security. More than a third of all smartphone owners don’t use a password to secure their personal devices, a basic security step that should be necessary for any device that contains sensitive company information. At a minimum, your employees should be required to secure their devices when not in use. You may also require employees to change their passwords regularly, or protect those devices in other ways.

3. IT department role specifications. Are you going to be responsible for employees’ devices in any way? Some employers may partially or fully compensate employees for any home devices they use to accomplish their professional responsibilities. But what happens if an app can’t be installed on a device, or if something goes wrong with the device? Will your IT department be responsible for fixing it? Your BYOD policy needs to explain this.

4. Ownership of apps and data. Your employees’ devices are going to have both personal and professional apps and data on them. On a traditional work device, anything on the device is fully and exclusively owned by the company (in most cases), but this rule can’t apply to a device that’s also permissibly used for personal applications. How are you going to specify which apps and data are owned by the company? This is a tricky regulation to navigate, but it’s important to proactively specify these rules.

5. Apps to allow or disallow. Employees will be using your network on their personal devices, and for the most part, they’ll be using work apps while at work, but are there any apps that won’t be allowed? For example, if you’re using a VPN tunnel, would you allow an employee to post something to their personal Facebook account? Be specific here to avoid any trouble.

6. Acceptable use ambiguities. Acceptable use policies will have a lot in common with BYOD policies, but there will still be some differences to iron out. According to the Infosec Institute, “Frequently, there will be a list with prohibited activities. It is important to remember that at the heart of the AUP as a regulatory document is the concept of respect and ethical use.” For example, your AUP may prohibit the exchange of personal messages or inappropriate material on company devices, but what if an employee uses an acceptable personal device and a corporate network to exchange private information? Does this constitute a violation of either policy, and if so, which one? Again, this is a tricky area to navigate, but the further ahead you think here, the better.

7. Basic security standards. You’ll also want to make sure all your employees are up-to-date with basic security standards—and that’s useful even if you don’t have a BYOD policy. For example, make sure your employees know how and when to connect to a network securely, how to set and maintain strong passwords, and how to avoid scams like phishing, which could instantly compromise your network.

Enforcing and Revising Your Policy

Because BYOD is still new, you’ll likely encounter some situations you weren’t fully prepared for. When they come up, take the opportunity to clarify new rules and regulations, and update your staff accordingly. Chances are, your BYOD policy will evolve significantly in its first few years, so remain flexible and be patient to find the best combination of rules to enforce. Eventually, you’ll be able to balance the advantages and disadvantages of BYOD so your employees remain productive and your network remains secure. 




Edited by Alicia Young

Special Guest Contributor, Alton Enterprises

SHARE THIS ARTICLE
Related Articles

Bloomberg BETA: Models Are Key to Machine Intelligence

By: Paula Bernier    4/19/2018

James Cham, partner at seed fund Bloomberg BETA, was at Cisco Collaboration Summit today talking about the importance of models to the future of machi…

Read More

Get Smart About Influencer Attribution in a Blockchain World

By: Maurice Nagle    4/16/2018

The retail value chain is in for a blockchain-enabled overhaul, with smarter relationships, delivering enhanced transparency across an environment of …

Read More

Facebook Flip-Flopping on GDPR

By: Maurice Nagle    4/12/2018

With GDPR on the horizon, Zuckerberg in Congress testifying and Facebook users questioning loyalty, change is coming. What that change will look like,…

Read More

The Next Phase of Flash Storage and the Mid-Sized Business

By: Joanna Fanuko    4/11/2018

Organizations amass profuse amounts of data these days, ranging from website traffic metrics to online customer surveys. Collectively, AI, IoT and eve…

Read More

Satellite Imaging - Petabytes of Developer, Business Opportunities

By: Doug Mohney    4/11/2018

Hollywood has programmed society into believing satellite imaging as a magic, all-seeing tool, but the real trick is in analysis. Numerous firms are f…

Read More