Bring-Your-Own-Device, known by its more popular acronym, BYOD, is growing among firms. According to a Syntonic research, more than three-quarters of survey respondents said they expected the use of personal smartphones for work purposes to double within a year. This has important security challenges and opportunities for businesses. As a manager, your decision to implement a BYOD policy should be based on a firm understanding of these costs and benefits. Here are a few things to consider.

They Already Exist

Chances are that even though you think every work-related activity is processed via a work computer, many activities are still being carried out on employee-owned devices. People store contacts of company suppliers on their personal smartphones all the time. They communicate with them and share company information and strategies through text messages and even via Facebook chats over the weekend. Your resident Estate Manager might even have a read-only PDF list of all server locations in an email on his laptop or smartphone.

Accepting that these are real possibilities should motivate you to create a well-defined BYOD policy. A company-wide BYOD policy makes it easy to monitor communication and minimise the risk of workers engaging in illegal activities with company data. In case you don’t want company work on private devices, spelling it out explicitly in a prospectus helps promote data security. And so regardless of whether you approve the use of personal devices or not, it is important to establish and implement a BYOD policy to protect company data.

Privacy Rules

Different privacy laws exist for different countries. It’s important for a multinational firm to consider the laws of each country in which it operates in drafting a BYOD security policy. While some give you a certain level of control over how to collect data on a work-related device, other countries implement strict consent-driven policies that must not be compromised regardless of your security concern. Take this into consideration in selecting which Mobile Device Management (MDM) software to install and which feature to activate.

To make BYOD policies even more compliant with national privacy laws, it is necessary to tailor your monitoring based on the worker’s access to sensitive data. Sometimes, it is enough to manage the security in browser and app settings rather than snooping on everything installed on the worker’s device. Also, make sure that every worker gives you permission before you install an MDM software. If they are not willing to give you access, then that device must not be used for work.

Mitigating The Risks

Progress comes with challenges, and forward-thinking corporations are aware of the security challenges BYODs pose. Data theft is a legitimate concern. But theft is not a BYOD-specific problem because it can occur with or without workers using their own devices.

One way to mitigate this risk with BYOD is to establish a strict security protocol for all workers. Limiting what devices to use in the workplace can help curb incidents of data theft by third-parties. Also, a good MDM software should enable you delete sensitive data from a stolen device. As stated earlier, it is important to assume that workers already use personal devices for work. Network Access Control should, therefore, take into consideration the uniformity of antimalware programmes and all security protocols across all devices.

What to Consider

In implementing a BYOD-friendly policy, a few important points should be applied.

• Users need to be responsible for backing up their data. Make this a security requirement for using the device in order to minimize chances of data loss.
• Specify how devices are serviced. This helps manage who has access to company information. You can contract a trusted IT partner to maintain devices of all employees.
• Make a list of blacklisted apps and update it regularly. Also, ensure that access to company network is revoked immediately these black-listed apps are noticed on user-owned devices. In addition, spell out in clear terms the punishment for violating these terms.

Bring-Your-Own-Device policies don’t necessarily guarantee a boost in employee productivity. A carefully-laid out policy that considers the risks and benefits, however, might be what your business needs to gain employee trust.