Believe it or not, once upon a time, kids at the bus stop didn’t have cell phones and the mobile device strategy of many businesses was typically you’ll take what you’re given, refrain from using it for any personal use, and the data may be scrubbed clean whenever we please.
We’ve come a long way. Today, businesses really have no choice but to let employees use personal devices for work purposes. Blurred lines now make it difficult to differentiate between what is professional and what is personal. A company or organization may partially pay for an employee’s tablet computer or smartphone, but that same device is used to upload photos to Facebook or download torrents of this season of Game of Thrones.
Naturally, security and privacy issues are a concern since these devices sync to the company network. Larger corporations may be able to hire IT support or produce sophisticated BYOD guidelines for employees to adhere to but smaller businesses have limited resources.
In fact, recent surveys suggest that the small business sector is doing very little to preemptively prepare for potential network security risks that could arise with the use of BYOD devices. This could prove to be disastrous.
According to market stats from a survey conducted by Cisco in 2012, approximately 88% of employees are doing business on personal devices. However, only 17% of companies currently have a BYOD security policy in place, and only 29% of companies have plans to implement a mobile device security plan in the near future.
Implementing a comprehensive BYOD policy right now, rather than when it’s too late, is important. We’ve compiled a list of four items that any business currently building a BYOD strategy must consider.
- It must clearly be outlined what specific devices are permitted for work use.
- The company/organization must have the ability to remotely delete company-sensitive data from mobile devices without the device owner’ s permission. Remote deletion capabilities are much more refined these days; simplifying the removal of enterprise-related data from devices, while leaving other content like personal photos, contacts, apps and music downloads intact.
- Written policies should be put into effect that correspond with terms of use policies and any guidelines pertaining to remote/telecommute workers or the sharing of sensitive data. There should be clearly defined consequences for violating any or all policies.
- Employee privacy should be discussed within the BYOD policy since employees often use these devices to check personal email, browse or post to Facebook and Twitter feeds, instant message, and store personal documents, photos, music and movie downloads. Employees must understand that employers still have access to the content stored on these devices. Location tracking, which gives employers the ability to locate employees, is also something to discuss since many people don’ t necessarily welcome that kind of surveillance.