Four steps to creating a secure BYOD policy

October 14, 2015

Rather than struggling to keep up with yearly technology changes, more and more businesses are turning to Bring Your Own Device (BYOD) solutions instead of continually issuing new phones or tablets to employees. Part of a growing trend by businesses big and small, the BYOD revolution has evolved as a result of the so-called consumerisation of IT. 


What this means is that employees are allowed to use their own personal devices to access company files, corporate email and much more. BYOD has proven to lead to increased productivity by employees and lower costs for companies. 


But there’s a dark side to BYOD and that’s in ensuring the safety and security of corporate material at all times. 


An important factor to consider when bringing in BYOD is to also implement a policy that lays out the rules and security measures. BYOD is not simply a free-for-all that allows employees to use whatever device they choose to access whatever they want. Read on to learn how to safely go BYOD in four easy steps. 


Specify what devices are permitted. It’s important to decide exactly what is meant by “ bring your own device.” Since you’re the one implementing the security measures, you get to decide which devices will work best within the confines of the system you’re implementing.


Establish a clear security policy. Make passwords mandatory on all devices. These devices have access to sensitive information that need to be protected by more than a simple swipe-and-go operation. Consider also investing in enterprise mobility software. 


Integrate BYOD into the company’s Acceptable Use Policy. Just as employees have to agree to a policy before using company computers, laptops, etc., they should also have to agree to a policy before using their own devices for company purposes. 


Set up an exit strategy. Plan for what to do when an employee using their own device on your BYOD platform leaves the company. Have a plan in place for removing email access, data and other proprietary applications and information.