How to devise an effective BYOD strategy

Dec 13, 2019 | Security

The number of smartphones in use around the world recently surpassed three billion, and the total number of internet-connected devices is already greater than the entire population.

Now that technology has become such an integral part of our daily lives, it’s more important than ever that business leaders can use it to empower employees to work better. That means allowing them to use their own devices for accessing and using key business systems. Not only is this much cheaper than providing new devices to your employees, it’s also better for productivity since people are usually far more comfortable using their own smartphones and laptops.

But that’s not to say implementing a bring your own device (BYOD) policy is simple.

Since you can’t reasonably expect employees to give up privacy and ownership over their own devices, BYOD does introduce some unique challenges when it comes to control and administration. That’s why you need a robust policy that establishes the necessary rules yet provides a good enough incentive to get employees to opt in.

#1. Specify which devices are allowed

Some years ago, things were simpler: people typically used their Blackberry devices for work. Today, there are more choices than ever available. One of the first and most important things to do when drawing up a policy is to determine which devices are allowed in your BYOD policy.

The choices are rather more complex than simply allowing either iPhones or Android devices, too. For example, jailbroken iPhones present additional security risks, while Android comes on a huge array of brands and models in numerous modified versions.

#2. Establish a security policy across all devices

Consistent security that applies to all devices covered by the program helps administrators maintain visibility into and control over company data. It’s also important because many users aren’t in the habit of protecting their devices with sufficiently strong passwords or PIN codes.

At the very least, you should enforce the use of strong passwords and automatic screen locks for when devices are left unattended. For any apps used to access sensitive information like payment details, you should enable multifactor authentication whenever possible. This makes it so that users have to provide passwords and a temporary SMS verification code to access sensitive data.

Download our free eBook!

Is cyber security too complicated for you? Our free eBook simplifies everything and explains the 3 essential types of cyber security solutions your business must have .

Download now!

#3. Define a clear service and support policy

It’s important that employees understand the boundaries when any issues or questions arise concerning the use of personal devices for work. Important considerations include the support offered for applications installed on personal devices, as well as support for damaged devices.

Sometimes, issues may arise where an employee can’t access a personal app that they’ve purchased due to your mobile device management (MDM) software blocking it. If this happens, you’ll need to segregate company apps from personal ones, so MDM software doesn’t restrict what employees can access on their free time.

#4. Make it clear who owns which apps and data

While it might be obvious who owns which apps and data, problems regarding ownership may arise if you have to remotely wipe a lost or stolen device. Most BYOD policies have a remote wipe clause. However, by default, all content on the devices gets deleted, and the device is restored to factory details.

Naturally, employees won’t be too happy if they manage to recover their device only to find out that all their photos and purchased applications are gone as well. It’s important to make clear your responsibilities to protect employees’ rights and make every necessary effort to prevent modifying their own apps and data.

#5. Offer a straightforward exit strategy

An employee might leave the business or report a device lost or stolen. They might also decide they no longer want to use the device for work. Regardless of the circumstances, you must provide a clear exit strategy that can be activated either by an administrator or the owner of the device. When activated, access rights to any business apps and accounts must be revoked immediately and any company data stored on the device deleted.

Cyber Shift Technologies can help you mobilize your workforce so you can enjoy increased productivity and drive business growth. Call us today to see whether a BYOD policy is the right move for your business.

[code-snippet name=”html-custom-blogging-form-on-blog”]

Ready To Get Started?

Stay ahead of the competition and increase your market share with specialized IT