How to create a successful BYOD policy for your business

Friday 27 September 2013

Business leaders are naturally eager to empower workers with technology, enabling them to operate more effectively and boost output within the organisation. And given the potential agility, availability and productivity benefits of mobile technology, it is no wonder this has been a focus area more many businesses in recent years.

Increasingly, employers are allowing their workers to use their own personal devices in the workplace. Within many organisations, staff members have expressed a strong preference for bring your own device (BYOD), on the basis they can work faster and more effectively on their own handsets, and do not need to carry duplicate versions around with them. Employees want the same functionality and features at work as they have at home, and with an increasing number of people investing in powerful smartphones and tablets, they want to use them in the course of their professional lives.

From a productivity standpoint this is fine, but employers are conscious that there are risks associated with BYOD - most notably in terms of IT security, device management and data segregation. In order to counter these threats, businesses need to form effective BYOD policies, which allow employees to use their own devices on and off-site without leaving the organisation exposed.

Forming a BYOD policy - getting started

Security company Symantec has created a checklist for organisations forming a BYOD policy, in a bid to ease concerns over the use of personal devices in the workplace. Following a series of simple steps can enable businesses to form solid and secure policies for BYOD, which enable firms to enjoy all the benefits without the risk of device loss, fines, reputational damage or other problems.

First of all, businesses need to have a clear idea of their end-goals, wider policies and mobile users, Symantec claims. In terms of business goals, decision makers may wish to set priorities for BYOD, whether it is to increase employee satisfaction, reduce capital expenditure on hardware and support costs, or offer additional functionality for workers. The firm also advises business leaders to analyse existing policies and regulatory frameworks to ensure BYOD is compatible. If, for instance, the company is operating in a highly regulated sector, the use of personal devices may not always be appropriate.

Next Symantec urges businesses to consider the end-users, and segment them accordingly. Points to consider include whether they are on the road for a lot of the time, or office-based, whether they require access to privileged information, whether they fall under specific regulatory requirements and whether they have legacy dependencies.

Working towards your BYOD policy

If, having considered such details, it still makes commercial sense to embrace BYOD, businesses should start by determining support capabilities, Symantec says. Questions to consider include which services are required, and what degree of support the service desk should offer. Next, businesses should determine educational needs for their staff - what sort of training will workers require to adhere to the BYOD policy and use mobile technology effectively? At this point, they also need to establish where data should sit, either locally or in the cloud. And how will personal and corporate data be kept apart?

Other important steps to take include defining minimum device requirements, since it may not be possible to support every smartphone and tablet available on the market. Symantec notes that it is also important to establish who is paying for the mobile plans and devices - are employees going to be supported financially if they are using their own handsets for work purposes?

Symantec says that, having considered these issues, businesses should be well-placed to form an effective policy for BYOD. Once this has been achieved, organisations need to identify a suitable sample group within which to run a pilot scheme. This should help identify any problems with the policy, or room for improvement, prior to a full rollout across and organisation.

How can Microsoft mobility solutions add value to your organisation?

Posted by Alex Boardman