Benefits of BYOD:

You want your employees to be mobile, to respond on the fly, however you’re a little worried about what kind of private data they might be transporting outside the company’s network.

In light of the recent IRS employee who brought home a flash drive with over 20,000 Internal Revenue Service employee data, we’d like to discuss your company’s Bring Your Own Device (BYOD) policy and it’s impact on your company’s security.

 

Some Things to Include in Your Corporate BYOD Policy:

  1. Establish a security policy for all devices. Require corporate approved anti-virus software on a device before it can gain access.
  2. For smart phones and tablets make sure all devices support encryption, remote wipe, and passwords. Enforce policies to require these services before allowing a device to connect to corp email or services.
  3. Ensure devices are updated as soon as the device software makes it available, some of those updates are security updates.
  4. Create a list of apps that you will allow while on the work network. Define employees in groups and establish which groups have access to what apps. Anyone that needs to use a blocked app needs to submit a request and reason.
  5. Require that sensitive company data is not stored in unapproved applications
  6. Require all lost and stolen devices are reported immediately
  7. Maintain the company’s right to unsubscribe the device if security configuration standards are not met
  8. Create an addendum for each type of device: personal laptops, iPhones, Androids, etc.
  9. Define the company’s role in the support of these devices
  10. Discuss co-mingling of corporate data and personal data on a device
  11. Define work and personal information and what is acceptable at work
  12. Discuss text archiving
  13. List devices that your company cannot support

 

What Happens If You Don’t Allow Employees to Use Their Own Devices?

  1.  Although you don’t ask that your employees be on call after work hours, if you allow them access to their work email after hours, you are getting more bang for your salary buck.
  2. Accessibility outside of work, allows an employee to be an brand ambassador. The connection via a mobile device to life outside of work allows them continuity between work life and home life.
  3. Limiting employees from bringing their own devices creates less productivity, learning curves on new devices, creates more rigid boundaries and less continuity between home and work. 

 

How Do I Ensure Security on Devices?

How you manage data and IT is an integral part of your company and it has to make sense for your company. You can protect your company devices and your employee devices by starting with a BYOD policy and enforcing those rules. You can assume that more users will not update their devices, so your company or managed IT provider can take a more proactive approach and work individually with all approved devices on the network. With proper backups and responsible IT management, your company will be just as safe with or without employees that BYOD.

Photo Source