“Bring Your Own Device” Policies Need to Protect Both Employees and Businesses
Smartphones are rarely out of their owners’ hands these days, including when their owners are at work. Phone users don’t want to have to switch to another device to get business done, and that means companies are forced to allow employees to use their own devices. While “bring your own device” (BYOD) makes employees happy, it can expose businesses to risk when data is transmitted and stored on mobile devices that aren’t managed by the company IT department. Defining a BYOD policy that balances employees desires for freedom with the company’s need for security is critical to protecting data when it moves off company devices.
Many companies started by taking a heavy-handed approach to BYOD. They allowed employees to use their devices at work—if the employee surrendered control of the device. Many device management policies allowed the company to remotely wipe a phone’s data, whether it was a file of confidential corporate information or photos of the employee’s new baby. Policies like that are unpopular with employees for obvious reasons.
Fortunately, modern mobile application management allows enterprises much finer-grained controls over an employee’s personal device and protects the employee’s interests as well as the business’s interests. Businesses can restrict the business applications and wipe business data if a device is lost or the employee resigns from their position without affecting any personal data on the phone. The policy should spell out whether the company will have any access to the employee’s personal data.
Your BYOD policy should also make clear exactly what support the business will provide for the device: employees need to know that you won’t provide support for the device itself, but will make sure the device can connect securely to the corporate network.
Your policy should also be clear about the specific configurations on which you’ll support company applications, and if the user’s configuration doesn’t match and the applications they need to use don’t work, the employee will need to obtain a compatible device or else use supported company resources to get their work done. Employees also need to understand whether they can use the company network to access non-work related apps on their phones.
Most important for making your BYOD policy effective, make sure you understand your legal obligations, both towards protecting company data and towards treating employees fairly. With that understanding, you can craft a policy that protects both the business and the employee.
Gain control over employee devices with a BYOD policy crafted to fit your environment. Prescient Solutions provides complete mobile support services, including crafting your policy and implementing mobile device management software to apply the rules consistently to your employee’s devices. Contact us to learn how Prescient Solutions can bring mobility management solutions to enable your employees to work productively while protecting your business data.