There will be an estimated 2 billion smartphone owners by the end of 2014. Considering this, it is hard to imagine that there are large organisations out there that haven’t formulated a strategy around how to deal and maintain their BYOD policy.
If you haven’t incorporated BYOD into your Acceptable Usage Policy yet, now might be the time to consider the impact of mobile technology and how to cope with it. This week we will discuss what a BYOD policy should include and how to manage office mobility effectively.
Your BYOD policy needs to include a few things that safeguard your organisation from information theft; whether it be through hacking, device theft or loss. Also, take into consideration the implications for your support staff and minimise the type of support you will be providing on mobile devices.
Let’s be honest, technical support can be challenging, especially with the type of user who needs help finding everything from the power button, to the “dial” icon on their devices.
So here are a few examples of what your BYOD policy should include to ensure your organisation leverages the benefit of mobile technology and keep the risks to a minimum.
Security: The versatility and features found in today’s mobile devices means that they are able to access and store all types of information; from emails, contacts, diaries and sensitive files. Be sure that you implement a strong password policy around devices and include screen locks with complicated key combinations. This might be an inconvenience to the user, but the security concerns outweigh the trouble of remembering complex passwords and unlock combinations.
Access levels: Always approach access levels with a conservative outlook. Only grant users the minimum access to company information and increase it on a needs basis only. Documenting who has access to what types of information will assist you in keeping track of access levels.
Scope of support: The last thing a busy IT department needs is to give technologically- challenged users more reasons to show up at the most inconvenient time to ask a “quick question”. IT pros everywhere will relate to this. It is important to define what exactly is included in device support, and that staff understand this. For example, your support staff shouldn’t be concerned with assisting an employee in getting to grips with Snap Chat.
Exit strategy: This is something IT managers sometimes overlook. Be sure to include an exit strategy that includes removing all company related information and applications from devices once a staff member leaves your organisation. It’s often been the case that employees start a new job – sometimes at competing companies – while their former employee’s email and data is still on their devices. This can pose some serious risks for your organisation, as well as cast a negative light on your IT risk management capabilities.
Your BYOD policy should be your first and last line of defence
Remember that the ultimate responsibility to safeguarding your organisation’s information rests on your shoulders. Whether the device belongs to the individual or is provided to him or her by the company; you are the custodian of the information that exists on it. Take all necessary measures to ensure that you’ve covered your bases and that users are educated around best practices when it comes to your BYOD policy.
Image credit: CDN-Static