Hero _bg

Best Practices for Implementing a BYOD Policy

BYOD (2)

The bring your own device (BYOD) trend among workers shows no signs of slowing down. Instead of implementing rules to stop this phenomenon, many companies have decided on an enterprise mobile strategy approach that takes advantage of BYOD. In fact, the BYOD market is on course to hit almost $367 billion by 2022, up from just $30 billion in 2014. BYOD allows workers access to business applications and data to collaborate and enhance productivity and, in fact, according to research from Frost & Sullivan, saves employees 58 minutes per day.

Confucius said, “Only the wisest and stupidest of men never change.” Sounds a little harsh if you ask me. In reality, I think we’ve got a whole lot of folks stuck in a state of inertia, wanting to move forward, but somehow locked in a battle between the wills. Be that as it may when it comes to the BYOD policy battle and the consumerization of IT, getting everyone on the same page shouldn’t be looked at as a challenge to be won or lost, but the willingness (and dare I say, surrender?) to adapt to the needs of both IT and the mobile workforce.

According to an IDC report, mobile workers will account for nearly 75% of the U.S. workforce by 2020. Repeated polling of IT executives has demonstrated that security is the primary concern stemming from the spread of mobile devices. Of course, these concerns are not speculative: sensitive company information can be compromised through data leaks by employees, or through loss or theft of employee devices.

If your team is facing a state of inertia, so to speak, the battle to be won if any is a scenario where everyone wins. The time is now to adopt new technology that is scalable, secure, and works across all mobile platforms. The benefits of implementing a BYOD policy cannot be underestimated.

The Importance of BYOD to IT

At the IT level,  adopting new technology is mission-critical because it reduces implementation and employee roll-out times to just minutes with no interruption to users’ workflows—apps can be downloaded and installed in seconds. Moreover, IT would have to devote far less time to software maintenance, shifting the responsibility to software vendors to push fixes and updates via the cloud; a huge departure from the practices of traditional business software.

Of course, the significance of maintaining information security cannot be minimized, yet, it necessitates being said that if companies aren’t providing a solid communication tool to their mobile teams, the likelihood that employees will use personal communication channels is high, thus creating legitimate security concerns. Choosing a well-selected communication and collaboration tool will go a long way towards alleviating that concern.

At the employee level, the potential for greater productivity and engagement is realized when there’s greater satisfaction with the tools being used. Additionally, employees using their devices for personal communication outside business hours will still receive business communication and are more likely than not to take notes or respond. Business communication that is coupled with content sharing will also mean work materials are always available, anywhere. What results is the “elongation of the employee workday.” (iPass research found that 88% of respondents checked their smartphones during their downtime, and more than 20% worked on their commutes to and from work.)

The Importance of BYOD at the Organizational Level 

At the organizational level, a strong mobile communication and collaboration platform ensures greater coordination around business goals, enabling the employee to effectively strategize and fulfill their role wherever they are. At the very least, strong mobile communication mitigates any reduction in company coordination as a result of increased employee dispersion. Instant communication ensures that critical issues get relayed and resolved faster, teams are more closely coordinated, and employees are better able to relay feedback to their superiors.

Also, because company culture is an integral consideration for the executive, increased mobility of employees might raise concerns of greater employee isolation. Strong mobile communication capabilities support a higher level of cohesion by balancing this greater dispersion. With teammates readily available at your fingertips, the barriers to interacting with colleagues are greatly reduced. Coupled with innovative initiatives, management might even be able to increase the social element of their company communications.

Many companies have taken steps to secure corporate networks by implementing a BYOD policy. Here are some of the industry’s best practices for making enterprise resources both secure and reliable.

1. Create Policies

Encourage honest and realistic policy discussions to increase the probability of implementing a successful BYOD program. Before making an investment in BYOD technology, evaluate the repercussions of your enterprise mobile strategy beyond the IT department–consider the human resources, legal, and security aspects of the policy.

Components of an effective BYOD program should include details on the types of devices supported and the following items:

  • Data
  • Applications
  • Service
  • Compliance
  • Security

Make it clear who will pay for data plans and devices. The policy should also have privacy guidelines and limits regarding the collection of personal data from employee devices. Many firms offer apps and suites of programs to enable personal devices while creating a secure networking environment.

2. Protect Corporate Networks

As part of your enterprise mobile strategy, segment the network into corporate and guest users. When an employee signs on with a personal device, authorize guest access to the network. Connections to business applications and corporate data should require a secured enterprise workstation or approved device.

Limit application connections to software running in secured containers. This will restrict security breaches and prevent intrusion into the corporate network.

3. Create Secure Enterprise Work Spaces

Create secure workspaces that are managed at a central location. Separate personal data from corporate data and provide flexibility for local execution. Employees should have access to high-performing desktop environments and mobile devices to access important documents, business applications, and the internet.

4. BYOD Password Policies

Make the authentication process reasonable, but strong. Develop specific access policies to enforce on the container and consider using a two-factor authentication process to enhance security. Remember, complex and lengthy passwords can be challenging to enter on a tablet or smartphone. Complexity increases the probability that people will develop risky behaviors like writing the password down in an easily accessible location.

5. Compliance and Risk Management

Companies must reduce risks from the installation of business applications and proprietary data on personal mobile devices. Formulate an exit strategy for when an employee leaves or a device is lost or stolen. Rules may include removing access tokens, e-mail privileges, and wiping proprietary data and applications from personal devices.

Most people balk at the notion of signing an agreement that wipes data from their devices, especially if there is no distinct separation of personal and corporate data. The requirement could have a negative effect on program enrollment.

6. Limited Roll-Out

Avoid introducing your enterprise mobile strategy to the entire organization at once. Start with a pilot group to test the system. Use the feedback to work out user adoption, legal, application and security issues.


Network security initiatives do not have to place limits on your company riding the bring your own device wave. Implementing a BYOD policy allows you to embrace the culture and transform it into an asset for your organization while providing effective end-to-end protection for your IT network.

Business Process Self Assessment Worksheet