Four steps that will jump start BYOD at your businessIn part one of this BYOD series we presented reasons for why you should support a BYOD security policy at your company. There are a lot of great reasons but these four bubble to the top whenever the topic of BYOD comes up:
- Saving money (between $300-3000 per employee per year)
- Increased productivity and employee satisfaction (34% bump in productivity and 87% increase in employee retention)
- Employees are probably doing it already (between 30-50% of employees already use personal devices for work)
- Ease of use and adoption (which is what this post is all about)
- Setting up BYOD security policies
- Setting and communicating expectations and responsibilities
- Education on why you’re doing it and how it will work
- Choosing the right Mobile Device Management (MDM) platform for your company
1. Setting BYOD security policies that work
When you’re drafting your BYOD policies keep the end goal in mind—you want employees to follow the policy so you everyone can reap the benefits and mitigate the risks. BYOD policies—keeping in mind people started using personal devices at work before you made it official—need to balance flexibility with security.
Above all else, employees must know that these policies are designed to protect their privacy, company data, and customer privacy. Those are three things you cannot compromise on. According to BYOD and mobile security experts here are the main things you need to cover (via 3Points and DMS Technology) :
- Permitted devices: If your MDM doesn’t support iPhones, and most of your employees use iPhones, that’s not the right choice for you.
- Approved apps for company data storage: For example, can you store company files on Google Drive or Dropbox?
- Password policies: Not only how complex passwords are, but using different ones and how those passwords are managed through an app.
- Employee departure: How to deal with data employees have on their BYOD and what to do with it when they leave.
- Additional device security measures: Such as device password brute force protection, passwords for apps and email, and secure app features.
2. Set BYOD expectations earlyThere are two parts to setting BYOD policy expectations at your company:
- How you expect employees to use the devices for work and how they will protect company data.
- How employees are expected to balance work and life when they literally have work in their pocket all the time. It’s easy for people to forget how sensitive company information is and it’s just as easy to slip into the habit of checking work emails all the time. Everyone needs boundaries and BYOD is no exception.
- Refraining from downloading suspicious apps
- Keeping your phone updated
- Using strong passwords to lock the device.
- Knowing basic email phishing practices.
The harm is never fully recharging to give your best at work. The harm is always working and not living.Yes, it’s tempting as an employer to email in the evening or over the weekend, but it’s essential for employees to have a healthy work-life balance. Just because you can check that email or catch up on some chats in the company Slack channel doesn’t mean you should.
3. The more you know—education is keyExpectations naturally flow into education. Why are we using an MDM on our personal devices? Because an MDM platform creates a secure connection between your phone and our data, confidential information doesn’t leak out:
- You don’t have to worry about company files or emails being intercepted when you’re using free WiFi (not that you should use free WiFi without security—but that’s a topic for another day). Evil Twin hacks are very real.
- Why shouldn’t we download that free version of the cool app that usually costs $5? Because it’s probably a fake app with malware that is just posing as the real app.
- It’s important for employees to know the risks, the real risks, when using their personal devices for work. Helping people understand how your BYOD policies are going to help protect their personal data as well as company data makes the transition from informal to formal BYOD security practices much easier.
4. Finding the right MDM for youWith the foundation for your BYOD program set (policy, expectations, and education) it’s time to put the technology part into place—a Mobile Device Management (MDM) system. An MDM is comprised of two parts:
- App management of what’s installed on employees’ phones
- The server software to manage the devices.
- Types of devices supported: If most of your employees have iPhones and iOS isn’t supported by the MDM, it’s not going to work for your company.
- Types of apps included: Beyond just managing and securing the device, are there secure apps for email, chat, and file sharing? Do the apps support collaboration? If the goal of BYOD is improved productivity, your MDM needs to offer tools to help people work better together.
- Ease of installation: The best situation is when employees can install the software themselves by clicking a link and downloading an app. Anything more complicated is going to take longer to deploy and could be frustrating and time consuming.
- Additional IT expertise: Do you need extra IT resources to set up and support it?
- Customer care on-demand: Can you get support from the MDM company when you need it? If things go wrong, will there be someone there to help you?
- Cost: Cost shouldn’t be the only factor to make your decision, but how much an MDM costs is important. You need to find an MDM that gives you the features you need, can grow with your company, and be affordable too.
- Your employees will be emailed a link to enroll their devices on the MDM.
- Employees click the link—it’s important to let them know the email is coming and it’s okay to click the link—and download the MDM controller app to their phone.
- This app registers their phone on the MDM and then creates a secure area on their device for the other workplace apps like secure email, secure chat, and secure file sharing.
- Employees will need to enter a special password to get into their new work apps, but the benefit is extra security and protection for company and personal data.
- On the employer’s side, the administration area allows a company to add new devices, manage devices connected to the MDM, and, if an employee loses a device, delete the work information remotely.