Setting up an effective Bring Your Own Device (BYOD) policy for your organisation
What is BYOD?
Bring Your Own Device (BYOD) policies are becoming increasingly popular within businesses and allow employees to connect to their organisation’s network or resources easily through personal devices such as laptops, smartphones or tablets.
Why is BYOD so popular?
Working from home has become much more common since the Covid-19 pandemic that left offices closed and remote working a must. In a recent government survey, 85% of respondents said they wanted a hybrid system between working at home and working in the office in the future. Constant movement between work spaces means that BYOD policies are highly convenient for employees, as they can use the same device both at home and in the office. BYOD policies are shown to increase employee productivity and satisfaction by over 50% as it enables employees to use devices and operating systems they are comfortable with, instead of having to use contrasting systems in the office and at home. Bring Your Own Device policies make it easier for employees to efficiently connect to their organisation’s network when working from home as well as in the office.
What are the alternatives?
Corporate owned, personally enabled (COPE) – This type of policy lets an organisation own an employee’s device but it can still be used for personal calls and information. Although COPE policies provide more control for the company, it can become expensive as the business has to provide devices and in some cases mobile bills for each employee. BYOD policies give employees freedom to work from a personal device that they own and choose themselves.
Choose your own device (CYOD) – CYOD policies let employees choose from a range of set operating systems and devices that have been approved by their company. This can increase security as all devices are confirmed to be compatible with the company’s network on top of giving employees a choice. Although CYOD is very similar to BYOD, it reduces the amount of freedom employees have over devices they can use, and potentially takes away some of the benefits of BYOD.
What are the risks of BYOD?
- Malware – as employees will be using their personal devices for various tasks on top of work they will be downloading other files and information onto their device. This virus can be transferred into the company network when they log in and infect the whole system, with potentially disastrous consequences.
- Stolen devices – an employee losing their device and it possibly falling into the hands of the wrong person is made more likely with a BYOD policy as they may be commuting often with the device instead of leaving it in the office. A stolen device could lead to a large security breach, even the device is locked.
- Data theft – not all applications installed on personal devices will have secure security measures in place and are potentially vulnerable to being hacked. If information from an employee’s personal device is hacked, corporate data and confidential files could be accessed, putting the company’s network at risk.
How to create an effective BYOD policy
Allware IT provides many solutions to perfectly tailor a BYOD policy to a company’s policies and aims, whilst keeping their network and employees’ personal data safe.
- Utilise date encryption on portable devices – this ensures that even if a device is lost or stolen, the data within is not easily accessible, preventing security breaches.
- Staff training – teaching employees what to look for in phishing mails and virus containing downloads reduces the likelihood of a human error breach.
- AntiVirus software – educating staff on the importance of AntiVirus software will help keep their personal files and passwords safe, on top of protecting the company’s network.
- Endpoint protection – ensuring devices meet a minimum security level which could include scanning for driver versions, making sure AntiVirus software is up to date, and all Windows Updates are installed for example
- Ensuring appropriate firewalls are setup correctly on the customer site, actively scanning and quarantining devices that do not meet minimum security levels.
For more information on how Allware IT can assist in IT security and management contact us.