What to consider before implementing a BYOD policy

 In Cyber Security Articles

A BYOD policy is increasingly common in the workplace and only going to become a standard piece of employees contract as GDPR comes into play.

BYOD means ‘bring your own device’ and research has shown that 30% of workplaces in the UK already allow BYOD.

There are some potential advantages – saving the company money, using familiar technology and increased productivity. However, by allowing BYOD does not come without risks. These include increased levels of security, the crossover of personal and professional data and a mix of different devices across your company, which is why a BYOD policy is essential.

Here’s our expert advice on how to ensure your BYOD policy doesn’t come back to haunt you.

One device or two?

For some employees, a BYOD policy could be just what they are looking for. The freedom of using just one device to centralise communications could make working life a little bit easier. One study found that 78% of workers thought using a single device would help them to balance their personal and professional lives. However, some may not appreciate the blurred lines between the personal and professional which a BYOD policy would entail. It is also worth considering if your staff have smartphones which would meet the demands of business communication and also if their bills would be paid for or supplemented to cover professional use. A BYOD policy could also place limitations on what apps and websites staff can access through their own devices so ask your staff for opinions on this. Research has found that 43% of corporate users were ‘very unwilling’ to stop using data-intensive apps like Spotify to access company data.

To help, within your BYOD policy, you should have a section that explains to your employees that they should not to accept OAuth push notifications where apps want to access your contacts or other data on your device. Also, spell out the ramifications should they not adhere to that. Other ways, such as having a secure area on an employee’s device where work-related information is stored, are also possible. This may be a more expensive than leasing equipment, but, depending on the data, will be less costly than a data breach which our team can discuss with you

Draw up a security plan.

Security concerns are often why companies are reluctant to bring in a BYOD policy. One study found that 78% of companies asked said it was the top reason for hesitation. These concerns are not unfounded either. A BYOD policy allows your staff to store sensitive company data on their own devices.  It is therefore essential to consider what happens if that device is lost, stolen or infected with malware. Also, think about what happens when an employee leaves a company and how to prevent confidential company information going with them on their device. Spell out what steps should be taken when accessing public WiFi, such as in coffee shops or airports. You may need to take out cyber liability insurance. As with any technology, a BYOD policy also needs to look at how to ensure personal devices are compliant with data regulations and laws. This is especially important with GDPR coming into force in May. Your IT team will also need to manage and monitor device usage to ensure compliance with the BYOD policy and prevent any breaches or risky behaviour from taking place.

Regularly review the BYOD policy.

Nothing stands still in the digital world and neither should your BYOD policy. Review the details on a quarterly basis to make sure they are still up-to-date with any advancements, such as new cybersecurity or data regulations. Ask your teams for feedback on how they feel the BYOD policy is working in practice. Review whether your company is reaping the benefits regarding time and cost savings. Hone and perfect your BYOD policy if you feel it could be improved. Alternatively, if after a trial, a BYOD policy is not for you, then scrap it and choose another corporate communication method.

The success of a BYOD policy relies heavily on how it is rolled out by your company to balance the pros and cons as well as taking the necessary steps to minimise risk. Educate your staff on how to use their devices for business purposes and avoid compromising data. A robust BYOD policy and well-informed teams should help to reap the benefits of bringing your device to your workplace.

The team here at LinkIT can advise you on how to make a BYOD policy work for you. Contact our Basingstoke IT Specialists to find out more.

Recent Posts

Leave a Comment

Start typing and press Enter to search

In this blog, we put cloud security under the spotlight. Looking at the pro's and con's we give advice on what to look for and what you may want to implement when using cloud-based software. Click to read more from Hampshire based IT & Cyber Attack company Link-IT support.The Facebook data scandal has been dominating the headlines. News broke last month that the social media giant harvested personal information about up to 87 million of its users without permission. Click to find out more on our blog.