An increasing number of businesses and agencies are adopting BYOD policies.
BYOD, of course, stands for Bring Your Own Device.
If you are not already familiar with these practices, you soon will be, as it is a trend that is only getting stronger.
Locally in the Maryland & Washington, D.C. areas, bring your own technology policies are especially popular, as it allows organizations to save money by allowing employees to simply use their own personal phones, computers and other personal devices while working. This reduces the need for the company to purchase hardware and it enables employees to more easily work from any location.
It is essential that the BYOD policy is implemented carefully and correctly, however, in order to ensure that the company is protected from security threats and other technological challenges.
Below are a few tips to help you create a strong Bring Your Own Device policy:
Even though employees might be using their personal phones and other devices, they must learn to treat these devices differently once they are being used for business purposes. Despite all the warnings, even today many people resist using things such as passcodes and screen locks because it reduces convenient access to their content.
It must be made clear in your new BYOD policy that all devices must utilize security barriers. To avoid any confusion, make it explicitly clear which security measures you will require for which devices.
This certainly does not mean that all of your employees will use the same password to secure their devices. It simply means that all of your employees must understand how to make a strong password. TechRepublic recommends that you require regular password changes.
In addition to requiring regular changes, it is wise to implement other rules regarding passwords. These can include stipulations such as all passwords must contain at least one letter, one number, one uppercase letter, a symbol or any other specific requirements. Your employees may complain about these requirements, but they will soon grow into the routine and your system will be more secure.
In today’s technologically advanced world, “personal device” can refer to many different items: tablets, phones, personal computers, iPhones, Blackberries, etc. If you do not specify which types of devices are acceptable for your BYOD policy, you may find yourself facing challenges regarding security and day-to-day operations.
If you are going to be using a mixture of company devices and personal devices, or if employees need to download software, it will be important for everyone to have compatible devices. When developing your company policy, include a list of acceptable devices.
Once your employees have confidential data on their devices, they must approach applications differently. Not all applications have stringent security measures in place, and some will pull information from the device memory or from other applications.
It is important to have a policy in place regarding apps that are acceptable and apps that are banned. It may be necessary to require that employees request permission before downloading any new applications.
BYOD policies become problematic when an employee leaves the company or organization. Your policy must indicate that the employee agree to have all business information and applications removed from the device before leaving. Incorporate safe device wiping procedures with other employee exit tasks such as exit interviews. Your BYOD agreement may stipulate that this data wipe must take place within a specific number of days of the resignation.