Bring your own device (BYOD) is a policy where employees are permitted to use personally-owned mobile devices (laptops, tablets, smart phones, etc) to access privileged company information and applications. BYOD is an increasingly popular business trend with both pros and cons that companies must consider carefully before adopting a formal policy.
A supporting argument for BYOD is increase employee productivity. Surveys have shown that employees are more productive when using personal devices, are more invested in properly maintaining the device on a more frequent basis, and require less training for a device that they are already familiar with.
Additionally, employees are also more likely to take their work home, which allows for work flexibility, and in turn boosts employee morale and convenience, demonstrating a flexible and attractive work environment.
Furthermore, asking employees to provide their own tablet and/or mobile phone saves the company significant costs by eliminating not only hardware but also software, maintenance, and possibly technology upgrade expenses.
However, some companies may be cautious in adopting a BYOD policy despite the significant cuts to tech costs and device management. Common concerns about BYOD center around security and sensitive company information. What would happen if there was a data breach? What if an employee’s smartphone, that had access to the company network, was lost and untrusted parties could retrieve unsecured data on the phone? Can or should businesses wipe personal devices after employees leave the company?
Employers that allow their employees to use personal mobile devices for work purposes should consider writing a clear, comprehensive BYOD policy that formally addresses such security, privacy, and control concerns. The following is a non-exhaustive list of some questions a BYOD policy should cover:
What devices are allowed or included in the policy?
What level of access will be granted to the employees? Will different employees have different access levels?
What kinds of antivirus and protective software are required?
If the employee owns the device, who owns the apps and data?
What type of security should a company require and how will these requirements be enforced? Will remote access be available?
Who is responsible for supporting devices? What level of support will the company provide? What costs or expenses for employee owned devices are the employer willing to cover?
Will there be a virtual partition in the device to separate work data from personal data?
What do you do if you find illegal information or activities on the device? Does it make a difference if it is in an “area” of the device that is not work related?
Under what circumstances will the employer wipe company data from personal devices?
If you’re looking for some examples of BYOD policies, here are links to resources that you can get ideas from:
Toolkit to Support Federal Agencies Implementing Bring Your Own Device Programs
Jennifer Pan is a marketing coordinator and The New Recruit at Logic Solutions. If you want to get her attention, try talking to her about d20s, (board) games, sci-fi and geeky references, or cute animal videos…or all of them at once. Just don’t bring up her uncanny ability to roll natural 1s.