5 Ways Businesses Can Spell Success With BYOD

by Sohini Bagchi    Jan 08, 2016

smartphones

With smartphones and tablets becoming more powerful every year, mobile is undoutedly one of the biggest trends in technology today. In the third quarter of 2015 alone, nearly 353 million smartphones were sold around the world, a 15.5 percent increase over the same period the previous year, according to Gartner.The practice of allowing employees to use their own notebooks, smartphones, or other devices in a work environment - popularly called, Bring Your Own Device (BYOD) is now a familiar trend and it’s here to stay.

While initially CIOS raised concern due to IT security and risk to sensitive business information, it is increasingly understood and regulated by IT departments. Despite this, there are times when businesses cannot take full advantage of BYOD without leaving themselves exposed to problems such as data loss or hacking attacks.

Here are some of the best practices that businesses should follow in order to spell success with BYOD.

1. Having an effective policy

Clarity is the name when it comes to implementing BYOD. The organization should have a clear draft on the BYOD policy consisting what staff members can and cannot do on their personal gadgets. However, having highly restrictive policies in place to safeguard sensitive information may be dissuading. Leif-Olof Wallin, research vice president at Gartner points out in the research that too restrictive BYOD policy may simply not be enforceable, as consumerization of IT is growing expeditiously. Therefore, he believes that businesses should focus on involving key stakeholders, respect employee privacy, assess and review policy, while at the same time have proactive approach in formulating a secure policy.

2. Involving stakeholders, encouraging employees

A strong BYOD policy makes no sense if your employees don’t understand it, or choose to ignore it. Ensuring staff understand what they should and should not do with a device containing corporate data is therefore crucial. Experts often noted that before fully embracing BYOD, there needs to be extensive foresight, and this includes inviting a wide segment of stakeholders to the table when discussing how to implement enterprise BYOD policies and standards. They also opine that businesses should include stakeholders from HR and the compliance department in order to ensure a flexible and logical BYOD policy. 

Read more: Why Businesses Still Don’t Trust BYOD?

3. Having a backup plan

Smartphones fail. tablets get damaged, and Internet services go down. Knowing that you have a backup plan and that it works brings peace-of-mind. Businesses need to expect that sooner or later, a BYOD gadget will be compromised. Therefore, they should have a plan in place for what to do in such eventuality.  ”If information is kept on a personally-owned smartphone or tablet that is lost or stolen, the ability to wipe the device remotely will be essential in order to prevent that data falling into the wrong hands,” Mikey Anderson, Marketing Specialist at UK-based tech firm Kroll Ontrack, mentioned in a blog dated December 22, 2015.

Businesses should not only create contingency plans they should regularly test those plans. “Employees must feel confident that they can quickly report incidents without fear of recriminations, especially if it’s their own device,” said he.

4. Knowing the legal ramifications

When dealing with BYOD data, there will be a number of regulations that businesses will have to remain compliant. It’s important to remember that responsibility for the information will still rest with the company’s data controller and not the owner of the device. Therefore who should be in charge of BYOD becomes very important.

The Employment Practices Code UK for example states that employees are entitled to a degree of privacy in the work environment. Therefore, companies need to tread carefully when managing devices which contain both corporate and personal data. The draft explains that while on one hand, it is important for employees to read an employer’s BYOD policy before participating in a BYOD program, and to ask questions, employers must implement policies and company practices to safeguard sensitive information and reduce the risk of legal liability. In the case of BYOD, the employer should balance this with employee privacy. 

5. Addressing privacy concerns

Privacy plays a critical role when it comes to BYOD. A recent survey conducted by Harris Interactive found that 82 percent of users are extremely concerned about employers tracking their online activity, and nearly 9 out of 10 are similarly cautious about their managers deleting their data. These potentially stringent measures often lead to BYOD failure. 

The IT department should ensure that any time he accesses information on an employee’s device, it is done with the employee’s knowledge and agreement. “BYOD holds great promise for employee productivity and cost savings, but architectural challenges introduced by the first-wave of solutions have inhibited adoption,” says Nat Kausik, CEO, Bitglass said in a statement (September 22, 2015).

Read more: Top three BYOD challenges for enterprises

It is essential to have a legal bond in place that articulates what the company’s rights are with respect to monitoring, accessing and reviewing all the data stored, processed or used by the particular device. As IT legal practitioner Debashish Dhar remarked, “It includes the employee’s obligations with respect to keeping the device secure, password requirements - practically all the elements you get to see in a general IT policy. Most importantly it should clarify what happens if an employee is terminated or decides to leave the company.”