BYOD Is Here: Where’s Your Company Policy?

September 11th, 2015 by admin

Android phone displaying an orange 'Google Play' screen, resting on a gray table next to an Apple keyboard

Once upon a time, IT administrators offered company-issued hardware to employees based upon something akin to Henry Ford's "Model T" approach: "You can have any equipment you want, as long as it's whatever we have for you."

In light of the mobile/Wi-Fi revolution over the past few years, times have changed. Many employees now prefer to rely upon their personal notebook, tablet, or smartphone to do business. In fact, some companies actually offer a stipend to employees to purchase their own mobile device—whether it means waiting in line to grab the latest generation of that trendy high-end gadget or choosing a cost-conscious off-the-shelf workhorse from a lesser-known brand.

This trend has been recognized as the "consumerization" of IT, or more informally as bring-your-own-device (BYOD).

The BYOD Advantage...

Allowing employees the option of bringing their own mobile devices to work offers several advantages:
  • The company bears less of the cost associated with purchasing new hardware, or letting unused surplus equipment take up space.
  • Employees who use their preferred personal devices—in the office or when telecommuting—experience higher overall productivity, while eliminating the redundancy of carrying both the "work" phone and personal phone.
  • Managers avoid that (usually awkward) experience of retrieving "company property" from an employee on their last day on the job.

...And the Drawbacks

With new mobile devices constantly entering the market (will the smartwatch catch on or fail?), BYOD is part of the modern workplace. But it opens a whole slew of legal grey areas, chiefly revolving around the privacy of employees' personal content vs. the security of sensitive—if not legally protected—company data. Which work-related content created on an employee's personal device belongs solely to the company? Companies of all sizes need a formal BYOD policy to tightly regulate the use of personal gadgets on the job.

A BYOD policy is unique to the needs of every company. Avoid "cookie-cutter" legal templates which became outdated yesterday. For your protection, craft a policy which clearly spells out key areas, including:

  • Which devices are permissible (laptops, tablets, smartphones)
  • Standardized anti-virus protection and other necessary security
  • Allowable/prohibited apps
  • Acceptable wireless connectivity (LAN, VPN, public Wi-Fi)
  • How/when/where mobile data is backed up
  • Which cloud applications are accessible (email, calendar, file sharing, and more)

Lastly, every personal mobile device can be lost or stolen at any time. No BYOD framework can be without a universal "kill switch" to immediately wipe company data from a device's memory. There are several commercial apps available which will reliably do this.

BYOD in your company is inevitable. Embrace it, but protect yourself with a solid, comprehensive policy. Don't know where to begin? We can help.

Posted in: Hardware and Software