By Rick Delgado, Contributor
Making the leap to a bring your own device (BYOD) policy is no easy thing. Business leaders will no doubt have concerns over how secure company data will be, but there are many benefits as well, such as greater production from employees. Any transition to BYOD may require changes to the company both structurally and culturally.
Many companies go into BYOD without knowing how to handle the new security concerns that accompany so many new personal devices in the workplace. For one thing, it’s relatively simple to jailbreak a mobile device, which allows a user to install otherwise-restricted software. Employees can also use apps that bypass network security protocols that would normally prevent certain mobile device models from accessing the network. More than a third of employees haven’t activated the auto-lock feature on their smartphones, while almost the same number store work computer passwords there as well.
That’s not to say all is bleak with mobile security. Reports indicate at most only one percent of all malware is comprised of mobile malware. Companies new to BYOD also need to know that BYOD policies extend past the business itself and should regulate behavior outside of working hours. Employees also need to know that they are responsible for protecting and backing up their personal information in case the device gets lost or stolen. With this in mind, you can prepare to implement BYOD with the following checklist.
First, you should know why you want to create a BYOD policy in the first place. Is it intended to save money, recruit better employees, or improve efficiency? Perhaps it can be all three. You also need to establish a baseline, getting the tools needed to monitor the network and see what’s connected to it. Then you should decide which devices will be permitted under the policy, followed by creating the right security for all devices that factors in the concerns named above.
There are other boundaries that need to be examined regarding personal devices, like if your company will provide support for installed applications, or what to do if a problem with a personal app prevents access to supported apps. Enforcement is also an important issue, so you need to figure out how to enforce the newly enacted rules. You also need to firmly establish who owns the apps and the data on a personal mobile device. This may entail asserting that the BYOD policy gives you the right to remotely wipe devices that contain sensitive company data.
Next, you should decide which apps will be allowed under the new BYOD policy. You also need to set up a strategy for when employees leave the company, which should include removing that employee’s access to corporate resources like email. Last, but certainly not least, you need to train your employees in the new policy, establishing the right expectations from the beginning. It’s also a good idea to run a pilot test with a small group of trusted workers.
Think you are ready for BYOD adoption? Take the quiz to find out!