Implementing a BYOD Policy
Implementing a BYOD policy

Implementing a BYOD Policy

Mobile use at the office has gone beyond adding an additional convenience to being vital to today’s cloud-based workflows.

According to Microsoft, mobile devices now makeup about 60% of the endpoints in a typical organisation and take on as much as 80% of the daily workload. But unfortunately, many Sydney businesses still don’t have a cohesive policy in place for mobile use and mobile security.

The technology solution landscape is always evolving, it’s the nature of business and IT. This means that companies need to also evolve how they do things like the way that we work changes. This includes having an employee mobile policy that is clear, well-communicated and makes good business sense.

With mobile use being a given in today’s offices, companies have to decide how to handle it – by issuing company-owned devices or using a bring your own device (BYOD) policy.

BYOD has been gaining in popularity around the world due to the cost savings. It’s also easier for people to carry just one device around instead of two (personal and work device).

Cost savings for using BYOD over company-owned devices can be 17-22% on average if it’s handled right. If not, then costs can increase due to things like security issues and administrative costs.

Overall, BYOD is gaining in popularity, with approximately 50% of businesses in Australia and New Zealand either having BYOD in place or planning to in the near future.

How do you set up a mobile device policy that works for you, your employees, and your bottom line? We have several tips below.

Set Up a Secure & Easily Managed BYOD Strategy

Some of the implications that will factor into your BYOD strategy are security and risk. For example, according to the Australian Cyber Security Centre (ACSC), companies have to consider their liabilities under the Privacy Act 1988, Archives Act 1983, and Freedom of Information Act 1982, when implementing a BYOD policy.

ACSC recommends a “four Ps strategy” for implementing BYOD, which includes:

  • Purpose
  • Planning
  • Policy
  • Polish

The following are several tips that incorporate those four Ps and can help you reduce the risk of data security issues and enjoy a BYOD policy that saves you money rather than costs you.

Use File-Based Security

Data doesn’t know when it’s on a secure computer or an unsecured employee device. You want to protect it from being breached either way, which can be done automatically using a system like Microsoft 365 sensitivity labels.

Sensitivity labels are a file-based security process. You attach a set of security policies to a file, based upon its label. For example, you could restrict posting on social media or copying a file.

A big benefit of sensitivity labels is that they’re persistent, meaning they follow the document through different apps and on different devices, including mobile devices. They are a way to reduce the risk of data leakage from a mobile device.

Keep Track of Employee Devices with a Mobile Device Manager

One of the factors that can increase the cost of a BYOD policy is having to keep track of which employee devices have access to your data and having to adjust your security protocols for different phone operating systems.

A mobile device manager (MDM) can do that for you, greatly reducing administrative costs and improving security.

An MDM, like Microsoft Intune, keeps track of BYOD devices for you and can also give you control over the “work” side of the device, while keeping the “personal” side private.

Microsoft Intune is included in Microsoft 365 Business Premium and contains vital security and administrative capabilities.

Some of the ways that using Intune can improve your BYOD security and reduce administrative time include:

  • Ability to push software updates automatically
  • Track devices and their access to your data
  • Grant or revoke device access remotely
  • Remotely lock or wipe a lost or stolen device
  • Implement Two-factor authentication for app access
  • Use encryption to protect sensitive data on mobile devices

Decide on a Monthly Stipend for Employee’s to Use Their Own Devices

If you leave the topic of reimbursement for mobile use up in the air, it can lead to employees feeling they’re being taken advantage of or your business paying more than it needs for employees to use their personal phones for work.

Decide on a set stipend that employees will receive to help cover mobile costs in exchange for them using their mobile devices for work.

According to Telstra, Australian businesses provide stipends for BYOD that average between AU$140 to AU$270 for one-time hardware costs upfront, and an ongoing monthly stipend to cover mobile plan costs of AU$40 to AU$70 per month.

Create and Train Employees on a Mobile Policy

Another finding in the Telstra report was that only 27.9% of BYOD employees are asked to sign a policy governing mobile use for work.

It’s important to create a mobile device use policy that outlines expectations, cybersecurity requirements, exactly how the “work side” of a device will be tracked by a mobile device manager, and other mobile use policies.

Train employees thoroughly on the policy and have them sign the policy before they can take part in your BYOD program. This way all expectations are clear and there’s no grey area that could leave your data at risk.

Get Help with a Secure BYOD Strategy

If you have a casual policy for mobile use for work, and you're starting to think about putting proper security and processes in place, ask me a question in the comments below and I'll do my best to answer.

Simon Maddox

Business Coach to grow your small architectural/design practice, creating the freedom to enjoy your passion and Step-up to Your Next Level.

4 年

Thanks Darryl, great article. I'd like to get some more information or discuss for my clients (small architectural/design practices).

回复

要查看或添加评论,请登录

社区洞察

其他会员也浏览了