What to consider before implementing a BYOD policy
A BYOD policy is increasingly common in the workplace. It is only going to become a standard piece of employees contract as GDPR comes into play.
‘Bring your own device’ (BYOD) is popular – research has shown that 30% of workplaces in the UK allow BYOD.
There are some potential advantages – saving the company money, using familiar technology and increased productivity. However, BYOD does not come without risks. These include the need for increased security, the crossover of personal and professional data and a mix of different devices across your company. This is why a BYOD policy is essential.
Here’s our expert advice on how to ensure your BYOD policy doesn’t come back to haunt you.
One device or two?
For some employees, a BYOD policy could be just what they are looking for. The freedom of using just one device could make working life a little bit easier. One study found that 78% of workers thought using a single device would help them to balance their personal and professional lives. However, some may not appreciate these blurred lines between the personal and professional. Think about whether your staff have smartphones which would meet the demands of business communication. Also, decide how their bills would be paid for or supplemented to cover professional use. A BYOD policy could place limitations on what apps and websites staff can access through their own devices. So, ask your staff for opinions on this. Research has found that 43% of corporate users were ‘very unwilling’ to stop using data-intensive apps like Spotify to access company data.
Within your BYOD policy, you should have a section that explains to your employees that they should not accept push notifications. This is where apps want to access your contacts or other data on your device. However, there are ways around most potential pitfalls. Your IT team, or outsourced support, could set up a secure area on an employee’s device where work-related information is stored.
Draw up a security plan
Security concerns are often why companies are reluctant to bring in a BYOD policy. A study found that 78% of companies said it was the top reason for hesitation. These concerns are not unfounded either. A BYOD policy allows your staff to store sensitive company data on their own devices. It is therefore essential to consider what happens if that device is lost, stolen or infected with malware. Also, think about what happens when an employee leaves a company. There needs to be a process in place to prevent confidential company information going with them on their device.
Spell out what steps should be taken when accessing public WiFi, such as in coffee shops or airports. You may need to take out cyber liability insurance. A BYOD policy also needs to look at how to ensure personal devices are compliant with data regulations and laws. This is especially important with GDPR coming into force in May. Your IT team will also need to manage and monitor device usage. This should help to prevent any breaches from happening.
Regularly review the BYOD policy
Nothing stands still in the digital world and neither should a BYOD policy. Review the details on a quarterly basis. Make sure they are up-to-date with any advancements, such as new cyber security or data regulations. Ask your teams for feedback on how they feel the BYOD policy is working. Review whether your company is reaping the benefits regarding time and cost savings. Hone and perfect your BYOD policy if it could be improved. Alternatively, if after a trial, a BYOD policy is not for you, then scrap it and choose another corporate communication method.
The success of a BYOD policy relies heavily on how it is rolled out by your company. Balance the pros and cons as well as taking the necessary steps to minimise risk. Educate your staff on how to use their devices for business purposes. A robust BYOD policy and well-informed teams should help to reap the benefits of bringing your device to your workplace.