The modern work world has a few constants, one of which is that most employees (67%) use their own devices at work and most businesses (87%) are dependent on their employees using mobile devices. In fact, 95% of organizations allowed the use of personal devices in their workplace before the pandemic. Those statistics combined would lead you to believe that nearly every business has a Bring Your Own Device (BYOD) policy in place. In reality, only 59% of organizations do.
I won’t go into why, but clearly businesses are behind and trying to get up to speed to protect themselves. It’s vitally important, from a management and security perspective. That’s why it was number 1 on my list of the 5 must have tech policies for your company.
Maybe your company has a BYOD policy or maybe you are looking into how to implement one. In either case, these tips will help you make your company secure – and do so without having a negative impact on your employees.
Here are 5 tips to make your BYOD policy better and more secure
- Define Your Security
- Require Device Updates
- Use Mobile Device Management
- Use VoIP Apps for Business Calls
- Include BYOD in Your Offboarding Process
Define your Security
I always start with the big guns. Obviously, this is easier said than done, but you really need to think about what you want secure, and how. This is the foundation of your BYOD policy. If this isn’t well defined, then the rest of it will just fall apart.
You can’t just say you want your data and devices secure; you need to know how. You need to include your IT department or IT support company in on this one. They will have insights to help flesh out what you are feeling into real-world situations to make decisions on. Of course, if you don’t have an IT company feel free to use our calendar to schedule a free review with us.
What sort of items do you need to consider?
You need to consider any connection to or with your company data, and how to make that secure.
That means having rules about connecting to public wi-fi, using MFA, what file sync and sharing apps are allowed, and using a password manager. Rounding out that list should always be your acceptable use policy as well, as you can’t quite decide to block apps on an employee’s personal device – since it’s their device.
If your team is using android devices, the recently released Android 13 makes the process a lot easier since they built it with that in mind. Of course, that means those devices need to be on the latest OS, which should come in time and brings up the next couple of topics.
Require Device Updates
What good are the OS and security updates if they aren’t installed? That’s why part of your security policy should be to keep the device up to date. If they are using an aged device, that might mean they need to upgrade. BYOD policies are great for companies because they save them a ton of money on hardware, but it doesn’t mean it makes a free policy. You will need to factor in situations like these and have a compensation program in place for upgrading. While I’m talking about it, you should have some form of compensation for them using their own device even if it’s brand new. You’re asking them to use their device for business purposes, which is wear and tear on their property.
Use Mobile Device Management
Mobile devices are trickier to manage because they are not on premises all the time, or maybe ever. Remember, while most BYOD devices are mobile phones, some can be laptops or home PCs that are connecting to your business. Mobile Device Management (MDM) software lets you configure and manage devices on any device that connects to your network.
MDM allows you to authorize security settings and applications as well as schedule backups of company data. You can scan for vulnerabilities, ensure anti-malware apps are in place, remotely update devices, and block devices that could be threats.
Use VoIP Apps for Business Calls
Do you know how your team gets calls on their phone? 65% of employees use their personal phone number in business. Further, 75% of employees who receive calls on their office phones forward the calls to their mobile phones.
At best, this is completely inefficient. At worst, your business contacts don’t actually know your company phone number. What happens when that person moves on to another company?
You need to be using a VoIP phone system for your business. With VoIP, you can do many things to benefit your business and make it more productive. The top of which is the ability to receive business calls on a mobile device.
If you haven’t switched to a VoIP phone system yet, let us help you make that switch. It’ll save you money and add features that will benefit your business. What? It’s a better product and costs less? Crazy right!?
Include BYOD in Your Offboarding Process
Lastly, with BYOD being so integrated into your company with these policies, it must be remembered to be part of the offboarding process. I’ve talked about this before in my offboarding guide, so I recommend you read that as well – specifically the sections on Wiping Employee Devices and Managing Credentials.
When an employee leaves your company, their digital imprint will need to be addressed. While access to data can be revoked, existing data will need to be deleted. Where BYOD is concerned, the device is the employees’, so you can’t take possession of it, but the company data needs to be wiped from it. Again, MDM is the key here for doing this easily, and remotely.
That wraps up our 5 tips to make your BYOD policy better and more secure.
Make sure to clearly define all of your security concerns, require device updates (and refresh aged hardware), use Mobile Device Management software, use VoIP applications for calls, and factor in BYOD into your offboarding process.
If your company doesn’t have an IT partner to consult with, feel free to get in touch and we can assist in creating a secure BYOD program. We’ll look at how your team uses personal devices and make our recommendations for the best tools. Contact us with our live calendar to book a free 15-minute consult.