Bring your own device or “BYOD”
A relatively recent trend that allows employees and employers to access company data and email through personal devices such as mobile phones, laptops and tablets. BYOD is frequently used by businesses as a way to increase work efficiency and reduce business cost and for enterprise mobility. However, if you want to utilise BYOD in your business you should have an appropriate policy in place.
What Happens without a BYOD Policy?
Without a BYOD policy, employees will have the freedom to access company data in whichever way they like, especially if needed after office hours. This means the use of personal devices to send and retrieve emails, download company's files and edit documents. Such practice could expose a company's confidential data and could be detrimental to the business. Every device has its own security settings and configurations. As such, your business needs to set out its minimum data security requirements in order to manage business risks.
Creating a BYOD Policy
You should consider what is expected of your employees, the data they can access and develop appropriate training to ensure staff fully understand how BYOD works in the firm. Your BYOD policy should address the points outlined below.
Acceptable Use
This section of your BYOD policy should set out what can and cannot be used when utilising company online access points as well as outlining restrictions and limitations.
Devices and Support
The device models that are permitted and have been checked by the IT department should be set out in the BYOD policy. Ideally, your IT manager should have the capability to remotely wipe a device in case it is lost or stolen.
Reimbursement
The full or percentage of cost (if any) that the company will reimburse employees for purchasing a new device.
Security
The environment in which the device can be used, which includes strong passwords, and non-usage of rooted or “jail broken” devices. In many instances it makes sense to install an app or software programme on employees’ devices in order to allow them to securely access company data.
Risks and Liabilities
The BYOD policy should clearly communicate that using personal devices for work comes with risk that the employee must accept and assume full responsibility, in line with company requirements.
No comments:
Post a Comment