Why You Need to Build a Better BYOD Policy
Gartner predicts that by the end of 2016, 50% of employers will require their employees to bring their own device to the workplace.
Whether you require your employees to use their personal smartphone, a tablet to take to meetings, or a laptop that they bring into the office everyday, having a policy that clearly defines acceptable use will be integral to BYOD opt-in and security.
For 2016, Statistica projected that there will be 2.08 billion smartphone users worldwide. Many of these users are accessing their corporate email and files from these devices. Top managed service providers can help you to ensure that your BYOD policy is locked down tight to ensure best use and compliance.
If you’re just starting to consider implementing a BYOD policy in your organization, you should consider the acceptable use, authorized devices, support, reimbursement, liability and risks, as well as a disclaimer. But we’ll address frequently asked questions when starting to consider BYOD.
Why create a policy?
Cisco and Forrester research, among many others, have both found that CIO’s are increasingly overwhelmed with how many unsanctioned apps and services their employees are using to save and access their confidential company data.
Cisco found that a typical firm has 15 to 22 times more cloud services running than they approved, while Forrester says that 53% of employees install or access unsupported software or services.
If your industry is highly regulated, and your data highly confidential, it’s integral that you come out ahead of this trend and give your employees the access they’re craving — while clearly communicating your restrictions.
What tech are you going to include?
Will you support Android operating systems, iOS, Windows, or Blackberry? Netmarketshare reports show that Android is the most popular at 61% while iPhones now hold 32% of the market share. Find out what your employees want, and offer systems that they’ll actually use.
Clearly define which devices they will be able to access your network and servers from, and make sure that they know if it needs to be a pre-approved device.
At the start of the BYOD craze, companies would foot the bill for devices in order to keep them strictly for work. Gartner predicts that 38% of companies will stop doing this by the end of 2016, and that bill splitting will become the norm. Your BYOD policy needs to clearly define what percentage of the device and services the company will or won’t pay for.
Who is allowed to BYOD?
Is your BYOD policy strictly for your CEO’s to access data while they travel? Is it so that employees can access their emails at any time? If it’s not an open policy, you need to clearly define why you’re limiting it and who it’s limited to.
In the creation of your policy you need to clearly define who owns the device and the data that is on the device. If it’s their personal device, but they’re accessing company data on the cloud, is removing their login credentials enough to limit the spread of information, or do you also need to completely wipe the device?
Especially in the case of highly regulated industries, you also need to have a clear employee exit strategy in place to wipe confidential data or remove access.
What can they access?
In a Cisco survey, CIO’s estimated that there were only 51 cloud services running in their company, when in reality, the number was closer to 730.
At the very least, you need to grant your employees access to their corporate email, calendar, and contacts, and at the most you need to create a complete list of approved and restricted applications. Can they access Facebook? Skype? Dropbox?
You should also clearly define security protocols on the device and why you’re setting restrictions. Explain why they need an alphanumeric lock that’s changed every 90 days, or why they can’t go on Twitter from their tablet. Create your policy with rules and regulations, but also clear communication as to why these restrictions are in place and your employees will be more understanding.
What should your policy cover?
Your policy should include all of the above considerations, customized to your business methods. Policy considerations vary based on your industry regulations and compliance issues, but also based on how confidential your data is required to be. As you start to gather insights about how far you will allow your employees to go, you can start to create an organized policy to lay it all out.
Viewing templates are a good way to wrap your head around how it should be laid out, and IT Manager Daily and the White House have created two drastically different templates that address the same concerns.
If you don’t have the resources on your team to deal with the roll out of a BYOD policy and are looking for complete managed services to take care of the devices and your policy, our consultants at Jig Technologies are here to help. As top managed services providers, we can help you procure devices at reduced costs, and manage these end-user devices throughout the course of their lifetime.
Give us a call today to give your employees the BYOD access they’ve been begging for.