4 Considerations When Creating a BYOD Policy
It’s the white elephant in the room.
And it’s getting harder and harder to ignore
More and more people are using their personal devices at work.
And it’s not just at your company. It’s everywhere.
Juniper Research claims the number of people using personal devices at work will exceed $350 million globally in 2014.
Given the popularity of personal devices, you’d think every organization would have a BYOD policy to govern the situation.
But not every one does. These organizations are taking a huge risk with their data—one that could comeback to haunt them.
BYOD Brings New Challenges
Until recently employees generally used an organization’s devices at work. The IT department issued the devices and kept strict control over the equipment.
This approach worked well and everybody was happy. The organization had control over its data and how it was stored—at least for the most part
But that’s all changed—thanks in part to recent improvements in Internet connectivity and smart phones. Now many people use personal devices at work. It’s convenient and employees like doing it.
BYOD is here to stay.
And while BYOD provides benefits, it also presents challenges. The sooner you address these challenges the better.
And the best way of doing that is by developing a BYOD policy. Below are four considerations you’ll need to address when creating a policy.
Organizations have ultimate responsibility for their data—even if it’s lost or stolen through an employee’s negligence. The consequences of losing this data are often severe. So you need to make sure it’s protected.
The key to doing this is to make sure employees know which data they can access on personal devices and which they can’t. Here are some additional tips on securing data:
- Put strict security measures in place to protect your data
- Make sure employees segregate personal data from your data
- Delete all obsolete data as soon as possible
- Make sure employees don’t backup your data to the Cloud
A second consideration is data transmission. One way to make sure data is transmitted securely is to provide the IT resources used to do it. Make sure you’ve vetted the resources and the proper security measures are in place.
Also make sure employees have a way to log into their work email remotely, so they don’t have to use their personal email. Encrypt personal storage devices like flash drives and USB memory sticks and set work computers to automatically reject unencrypted data.
Responding to problems
Security breeches will happen. That’s a given. But having the right procedures in place and following them minimizes the damage. Also create good reporting procedures and a contingency plan for when breeches occur.
Your contingency plan needs an emergency telephone number that employees can use to report lost devices, viruses, or suspicious activity. Make a senior IT manager the point of contact. It’s her job to determine the steps to be taken and make sure the steps are followed in an emergency.
Training employees to follow security polices and procedures is vital. Make sure they understand the importance of securing data. Makes sure they also understand that they’re responsible for the data—even though the ultimate responsibility lies with the organization.
In addition, train employees so they know how to create strong passwords, transmit data securely, and encrypt data. Make sure they know what steps to take when breeches occur, a device is lost or stolen, or they contract viruses.
The use of personal devices at work continues to proliferate. This presents new headaches for you and puts your data at risk. A comprehensive BYOD policy is the best way to address these issues—including the four discussed above.
Not having a BYOD policy or having a poor one in place puts not only your data at risk but also your job.
Let us put our proven experience in providing tech support for small and medium size companies to work for you. Request a quote from our sales team.