k_Street Consulting, LLC Blog
What to Include in a BYOD Policy
A Bring Your Own Device (BYOD) policy is something that many organizations have adopted, for a few good reasons: employee satisfaction, cost savings, and productivity boosts included. However, it’s crucial that you don’t just assume that you can adopt a policy like BYOD without establishing some ground rules that your employees need to abide by.
Here, we’ll go over a few topics that your BYOD rules need to address.
Password Practices and Other Security
It’s hardly a secret that some people utilize lax passwords - especially on their personal devices, where there isn’t an IT department establishing policies to help ensure password strength. According to Pew Research Center, 28 percent of smartphone owners don’t use a screen lock. Obviously, this isn’t something that can be allowed in the business setting.
So, if your employees are going to use their personal devices to access business resources, you need to have a policy that their devices are set to lock after a certain period of inactivity, and require some form of authentication to unlock. Furthermore, the device should further lock down if an incorrect authentication code is input so many times.
Your policy should also include any required security solutions you plan to utilize as part of your mobile monitoring and management toolset. All devices should have antivirus installed, along with mobile device management and unified endpoint management solutions.
Provisioning and Network Security
Provisioning a personal device that is going to be used for company work helps to ensure a few things. Not only does it help to make sure that productivity applications are configured properly, it also helps to boost your security. Furthermore, your network needs to allow your employees’ devices to access the business network - not just a guest network you have set up. Of course, there should be procedures and safeguards in place to ensure that this is done securely.
Tracking, Remote Access, and Data Wiping
Accidents happen, and devices can be lost - and sometimes, stolen. Furthermore, any device that is attached to a company network and has accessed illegal content could possibly leave the company liable - especially if this content was accessed via the company network. Your IT team should have the capability to monitor what websites and content each device included in a BYOD strategy has accessed, as well as to remotely access these devices to help ensure their security should they wind up missing. It also helps if they can implement updates to work solutions and security measures.
If worse comes to worse, it is beneficial to be able to delete all of a device’s data remotely - that way, even if it is stolen, your data won’t be at risk for as long. This also comes in handy if an employee is ever to leave your employ and you want to make sure they no longer have your data (or access to it).
BYOD can offer significant benefits to any organization. To learn more about putting a policy in place at your business, give k_Street Consulting, LLC a call at (202) 640-2737.