Call: 507-387-4081

Adopting or Adjusting a BYOD Policy

byod_2_orig

SELECTIVE INSURANCE (5/9/2017 ) – In today’s overwhelmingly technology-focused world, workers want to use their smartphones, tablets and personal laptops in the workplace. Because of this, companies’ information technology departments began implementing – “bring your own device” (BYOD) policies. For those who haven’t often heard the term: Employees who use personal mobile devices or computers must follow certain guidelines to safeguard company information, particularly confidential or sensitive data.

Any company that requires workers to travel, or does a considerable amount of its work online and in the cloud, can benefit from a BYOD policy with clearly defined parameters and requirements. If you’re a business owner considering BYOD but still on the fence, take a look at the benefits it can provide. And for those who have implemented BYOD but are experiencing issues, we’ll discuss some of these problems and what might be done to remedy them.

A brief history of BYOD
According to the Information Security Media Group, a collection of web publications covering information security news, computing giant Intel coined the term BYOD in 2009. Intel noticed that its employees had started bringing in personal computers and mobiles to do their work and decided to embrace rather than reject this behavior. Nearly a decade has passed since then, and BYOD is now used across businesses of all sectors, in no small part due to the ever-widening accessibility of smartphones.

Primary benefits
Tech sector news website ZDNet stated that business owners benefit from BYOD because employees can be more effective in such as, working from home, during business trips and while commuting. These benefits are both tangible and abstract to staff and company leaders alike.

The first positive effect BYOD can have is on the corporate bottom line. Companies spend less on devices, in-office tech infrastructure and software by having employees use their own computers and smart devices. Meanwhile, employees with more-flexible schedules and a choice in where they work may have increased morale, due to the absence of a structured professional routine and life beyond the cubicle. The better workers feel about their roles, the more efficiently and effectively they are likely to perform.

Potential BYOD drawbacks & possible solutions
BYOD isn’t the same thing as issuing company-purchased smartphones, tablets or laptops to employees. In those instances businesses have considerably more control over what corporate data can be accessed on particular mobile devices or computers. And they’re able to monitor and restrict web traffic and, in case of a potential data breach due to a lost or stolen device, can often remotely “wipe” the item, destroying its data and preventing it from falling into the wrong hands.

With BYOD devices, companies do not have the same security oversight – at least not by default. IT and infosec publication eSecurity Planet noted that devices outside a company’s control may be more vulnerable to malware, or could be used by disgruntled employees, who’ve quit, to share business data with a competitor.

With this in mind, you may prefer to have the IT staff buy devices and provide them to workers after establishing administrative controls over them. Government departments do this as a matter of course. Alternatively, you can opt for what the Infosecurity Magazine website describes as corporately owned, provisionally enabled (COPE): Under these policies, companies own the phones, tablets or laptops they provide to employees, but impose fewer restrictions on device use and may allow workers to pick their own models.

However, there might be an even better way to split the difference and implement BYOD without sacrificing security. Mobile device management (MDM) and enterprise mobile management (EMM) platforms let workers use their own devices but also allow employers to monitor for intrusion or unauthorized employee activity. The former system provides monitoring and some remote override capabilities, while the latter offers much more control over devices, company applications and network access.