It’s tempting to implement a BYOD (Bring Your Own Device) policy — and for good reason. It takes the burden of buying cell phones and plans off of the employer and leaves it to the responsibility of the employee. There are numerous other benefits as well, but there’s just as many easy mistakes you can make. Here are a few mistakes to avoid when implementing a BYOD policy.
BYOD gives a lot of flexibility to the employees, but it might be a bit too much flexibility. You should create a policy with specific guidelines for who owns the data, who owns the device, and who owns the software. You need to tell the employee how the expenses are distributed and what will happen to the device in the event of it being lost or stolen. Have them sign a document acknowledging that this was discussed.
The whole point of a BYOD policy is to leave the expense of the phone with the employee. Some organizations still try to milk money out of the employee by charging them a “convenience fee” for accessing company resources from their mobile device. The employees were essentially punished for working on the go. Under no circumstances should employees ever be asked to pay for access.
When implementing a Bring Your Own Device policy, it’s crucial to set up a mobile device management system. This helps manage remote workers and allows you to take security precautions. Mobile device management will keep everyone in the same place. You can also manage their ability to download applications, as well as force applications to update and force data to automatically back up every night. You should check out Blackberry’s site for more information on mobile device management.
It’s extremely important to make employees aware that you have to implement a remote device wipe policy. In the event that the phone gets lost or stolen, it’s crucial to erase all company information on the phone. By telling the employee that this will happen, it gives them a chance to back up anything they want to save. Have them sign an agreement acknowledging that they have no legal recourse should the data get wiped if the phone is lost or stolen.
Just because they’re using their own phones, that doesn’t mean training is unnecessary for your employees. Employees should have some sort of guidance on what they should and shouldn’t do with their phones at work and on your wireless network. Educate them on their phone and have them sign a document acknowledging that they’ve been trained.
It’s okay to have several passwords, as well as an option to remotely wipe a device, on any phone that an employee has. What’s not okay, though, is setting up various security measures beyond that, such as MAC filtering. Search for alternate solutions that will enhance productivity and increase employee satisfaction while still protecting your company’s data. Keep in mind that restoring factory settings and remotely wiping data isn’t a foolproof method of removing data, and often sensitive information like names, contact information, and pin numbers can stay on the phone.
While a BYOD policy is flexible, it’s not 100-percent flexible. Make sure to create a list of criteria to consider a phone as an acceptable device. Access to non-compliant devices should be completely restricted. Any device that isn’t compliant and can get access to the data poses a huge security threat. Double check that each device can get access to everything without any issues.
You shouldn’t assume that every app is safe to use just because it exists. In fact, expect the opposite – it’s wiser to assume most of the apps out there is going to steal your sensitive data and information. Restrict access to apps except for a certain few. Include social media and gaming apps on the list of restricted access to increase productivity. Monitor data usage to make sure no apps are slipping through the cracks and landing on these devices.
Implementing a BYOD policy is one of the best things that a business can do. Not only does it make the employees feel infinitely more comfortable, but it saves businesses a lot of money. There are many things to take into consideration before implementing this policy, though, and these are just a few things to remember to watch out for.
Did you or your company implement a BYOD policy? If so, how did it work out? Did you face any unique challenges?