28 May 2024

Five questions to ask before creating a BYOD policy

The boom in remote working caused by the pandemic led to a rapid increase in new security challenges for companies.

One of the top concerns is ensuring staff act responsibly when completing work on their own devices. 

So, how can you keep your business secure while still supporting staff productivity? The answer is a comprehensive diverse bring your own device (BYOD) policy. 

For those working on building their own policy, let's take a look at the top five questions you need to ask. 

1. What devices will you permit? 

The obvious place to start with a BYOD policy is clarifying what you will permit. 

This needs to include all kinds of devices — laptops, tablets, smartphones, USB storage. 

You'll want to go into detail too for phones, you might specify 'only iPhone or Android phones', as well as the permitted models. 

2. What applications will you permit? 

BYOD isn't just about which devices staff can use — it also covers software. 

You will need to create a list of acceptable tools that your company allows. You'll want to think of all the main applications, such as browsers and productivity tools. 

3. What will you consider acceptable use? 

Here, you need to clarify the activities that staff can perform on their devices. 

Typically, you'll want to allow for reasonable personal use but draw the line at some point. For example, staff watching Netflix and video streaming services is fine, but you might want to forbid activities like gambling and pornography. 

4. How will you manage data? 

With data breaches coming in at an average cost of £3.23 million, it's crucial that your BYOD policy helps protect company data. 

By enforcing separate, work-only applications you'll help to keep data safe and separate from personal data. For these applications, it's best to take extra steps, such as making two-factor authentication compulsory and turning on automatic updates. 

5. How will you train your workforce to use the policy? 

Without proper training, compliance with your BYOD policy will be patchy. So, outline the training process all staff (and new hires) need to complete so they understand the policy. 

This doesn't have to be time-consuming to create. For example, a one-hour recorded PowerPoint presentation walking through the policy from your CTO is a strong start. 

However, companies need to do what is right for them; this might mean an eLearning course or a workshop. 

Build a brilliant BYOD policy 

With work from home causing a surge in security breaches and some staff 'oblivious', it's wise to do everything you can to protect your business and your devices. 

The good news is that there are tried-and-tested questions you can use to make creating your BYOD more straightforward. From considering the devices you'll permit to ensuring you have training in place. 

Choose the right End Point Management Solution 

Whilst creating a BYOD policy is paramount it’s also important to consider the right platform to support a diverse BYOD ecosystem from provisioning, resetting, and repurpose laptops and mobile devices with minimal infrastructure and process overhead both remotely and on-premise.