Things To Consider When Implementing A BYOD Policy

Mobile technology is still growing at a rapid pace. Employees are commonly equipped with smart phones, tablets, iPads, netbooks, and plenty of other devices that they can use to stay connected and productive no matter where they are. Many companies are embracing the concept of mobile access, and are allowing employees to access internal systems on their own devices to help streamline processes. So sales reps are accessing their CRM on the road through their iPad at a local coffee shop in between sales calls, managers are checking their meeting calendars while offsite, and nearly everyone are checking their work email accounts off hours.

Employee With TabletIn addition to using devices offsite, employees are using their own technology while at the office as well; companies with in-house WiFi networks often find employees hopping onto the wireless with their smartphones and tablets to access company data… and sometimes for personal access also.

Given how often employees can use their own personal devices to access company-owned data over company-owned bandwidth, it’s crucial that businesses develop their own BYOD policy to make sure they’re protecting their network and their data. Here are a few items every business should consider when implementing a BYOD policy.

Bandwidth – With more devices on the network, companies may see their bandwidth start to become congested, slowing down day to day processes and performance. Even when employees aren’t actively using their devices, odds are they’re still using bandwidth to update, get notifications, etc. If your business is considering a BYOD policy, you should look into your current average bandwidth usage and determine if your existing Internet connection can handle more devices.

Network Security – A good number of companies are moving towards managed firewalls and traffic logging or blocking to make sure employees are staying productive, and not constantly uploading cute cat pics to their Facebook wall (among many other things!). When mobile devices start using local bandwidth instead of the employee’s own personal wireless plan, those devices could potentially attempt to access sites or data that would be considered off-limits to company owned devices. Setting up a written policy so employees know their activities while on the company network will be policed is a good option for liability. Mobile devices may also use different process and file types, so making sure the firewall is on the lookout for those as well would be another layer of local security.

Data Security – We’ve listed this security item separately from network issues, because the possibility of data being compromised outside of the office is extremely high with a BYOD policy. When employees are accessing data outside of the office on their personal device, the potential to lose that device, or have it fall into someone else’s hands, is very high. It’s recommended that all employee-owned devices have security features such as password protection and lock screens enabled at all times. Often, these devices have username and password combos for corporate email or applications saved, which speeds things up for employees when they need to access them… and also makes it very easy for someone who’s stolen their device to access their email, your internal CRM, and countless other applications. Again, documenting policies and having employees sign off on them along with periodic reminders and checks helps greatly lessen the possibilities of this occurring. In fact, companies should investigate adding this to their standard Acceptable Use Policy (AUP).

Allowed and Acceptable Devices – When employees are allowed to use their own personal electronics on a BYOD situation, it’s critical that the company have a list of approved/acceptable devices and situations to greatly cut down on support issues. Employees who have non-conforming devices, such as rooted phones, could not only take up valuable tech support time, they could also greatly compromise the company’s network and data. Set up a policy outlining devices, operating systems, and the level of support employees should expect from the company’s IT staff.

Every company’s situation will be varied, so it’s best to sit down and discuss your network, applications, and particulars before implementing a BYOD policy. This will help not only protect your network and data, it will ensure a much more productive workforce and better ROI for your company’s technology and applications.

Managed Security eBook cover


If your business is concerned with security, download our free eBook ”Managed Security: Providing Enhanced Protection At A Lower Cost” to help determine the best methods to help keep your company protected. 

Download the eBook



Image courtesy of stockimages / FreeDigitalPhotos.net

Written by