Friday, May 16, 2014
How to establish a solid BYOD policy
Developing a strong BYOD policy is a critical first step to success with the initiative. Here are 8 components to consider.
Mobility is a powerful force in the business world. Giving workers the flexibility to complete their activities remotely and refer to corporate resources from virtually anywhere, companies can increase employee satisfaction and fuel productivity, collaboration, and performance. To assist with this trend, many organizations are exploring bring-your-own-device policies, which allow employees to use their own smartphones, tablets, laptops, or other machines in the workplace. However, relinquishing some control over hardware makes it more difficult for IT departments to maintain network security.
Consequently, developing a strong BYOD policy is a critical first step to success with the initiative. Here's how:
- Determine business goals and user needs. Understanding your organization's goals and expectations for allowing workers to use their own devices should guide the rest of your decisions, including planning for training and business applications.
- Decide which devices and operating systems to permit. Consider compatibility with files and enterprise software programs to ensure all users have access to what they need.
- Set guidelines for reimbursement, stipends, and liability for lost or damaged devices.
- Establish a clear and enforceable security policy. You need to prevent employees from introducing vulnerabilities into the secure environment when they connect to the company's network. Develop requirements for installing antivirus programs and creating passwords, restrict which outside apps they can install, and identify what happens in the event a device is compromised and needs to have its data purged.
- Clarify ownership of applications and data. Policies should balance protection of corporate resources with respecting employees' privacy for the personal information on their devices. It's also important to determine how you will control and manage user access to company apps and accounts.
- Implement supporting technology and set expectations for usage. Tools, such as secure file transfer apps, can help to keep corporate data separate from personal information as well as maintain the necessary security and control over important files.
- Develop a service policy detailing how IT teams will support personal devices. Employees should know when to call on the help desk when they run into problems.
- Plan an employee exit strategy. This includes removing access to apps and resources as well as wiping corporate data from devices.
In general, it's important to keep in mind the central goal of a BYOD policy: As CMS Wire emphasized, your main concern isn't control over the devices—it's protecting the company's data and networks. That's why implementing the right supporting applications and infrastructure can make or break your BYOD initiative. Secure file sharing solutions should be accessible, protected, and convenient to use on personal devices, while enabling IT teams to maintain central control over both the programs and the resources.