The BYOD Party — And 7 Ways to Keep it Under Control

Employees bringing their own devices to work is not new. Bring Your Own Device (BYOD) is becoming the rule rather than the exception in today’s workplace. In fact, a growing number of employees are already using their personal communications devices for business purposes, whether or not there is a corporate policy in place. This is most evident in the U.S. (68%) and Canada (65%), compared with the UK, where only 47% operate in this way. (Source: Citrix, Workplace Mobility and the Small Business). 2012-13 really was the year mobility entered the enterprise mainstream. 2013-14 should be the year of consolidation and establishing guidelines around BYOD use.

Just as companies have had to react and establish guidelines around social media, so too must they react regarding the growing use of bringing your own devices. But, can you assume that your existing guidelines will cover BYOD? In short, no. The current policies you have in place for personal laptop use don’t necessarily translate over to tablet and smartphone devices. Why? Tablets and smartphones are more ubiquitous — they connect anywhere, go anywhere, and can be used anywhere.

In the same Citrix whitepaper as referenced above, 65% of the respondents confirmed that their company does not have a policy, procedures or IT system in place to manage employees’ personal devices for business purposes.

With smartphone sales exceeding computer sales in 2012 to the tune of $122.5 million, according to The Magic Blog, you need a solid smartphone policy in place before BYOD ends in disaster. But creating a BYOD policy isn’t always as cut and dry as saying “watch what you say” or “how you say it.”

There are some special considerations:

1. Disparate Software and Platforms

While iPhones have a narrow variation in the hardware they use, Android phones run the gamut from the underpowered to the extra high-end smartphones. The disparate software can make it  difficult for company’s who develop mobile applications.

Another issue is making sure that it’s platform neutral. Your employees might be using Android, iOS, BlackBerry or Windows-based operating systems and your policies need to reflect this to account for all platform nuances. Additional considerations includes writing your policy to establish standards in electronic delivery and the mixed use of personal and corporate data.

Make sure the software and hardware runs smoothly no matter what BYOD platform employees use. One of the many benefits of BYOD is the opportunity for companies to use cutting-edge technology in the workplace. It is expensive to upgrade an entire system, but employees can bring their devices that harbor the latest innovations. Encourage employees to take advantage of this opportunity, but provide them with comparable technology if they do not have a supportive device. Keep as much equality among platforms as possible to maintain efficiency.

2. Approved Applications

More smartphones and tablets in the enterprise translates into more apps and, according to Infosys, 2013 will see more context-based apps for business functions, mobile-based learning and retraining for talent, and greater social functionalities. More apps means more risk.

It’s easy to forget that your smartphone is really a miniature computer in your pocket. And as such, they should be protected against malware and computer viruses just as vigilantly as a company computer. App stores cater to the quick and easy install — it takes 2 seconds to download an application from the app store, but an infected app or an app with built-in spyware can sabotage your network for days. Here are just a few suggested apps to consider:

• Chat and Instant messaging
• File, video and image storage
• E-mail and texting
• Internet browsing
• Device tracking

Establish governance around what apps employees can download. Create a list of approved applications or, better yet, create an enterprise app store. Use push technology to install apps onto approved BYOD. In this sense, you will communicate and drive the mental shift that smartphones are not just being used as personal devices but as a professional business tool as well.

3. Central Management

Consider implementating a central management system for that manages and facilitates BYOD mobile devices accessing your corporate network. This provides tremendous value to information technology groups as central management works off of a main server — there is no need to install it on multiple systems.

Central management systems such as BYOD by BlackBerry  and Apple OS give you compatibility with built-in virtualization software, and are intended to work perfectly with mobile device management. The mobile device management app lets you audit the smartphones connecting to the network and determine whether or not they are authorized to access the network, and control application installation settings.

4. IT Overload and Technical Support

When you write BYOD policies, it’s critical that you also establish a clear method to contact technical support. Without clear guidelines, IT and helpdesk resources can be quickly overwhelmed as the organization struggles to configure and support BYOD endpoints for secure network authentication and corporate use. A well thought-out BYOD policy can create efficiency and establish automated processes that allow end-users to securely self-onboard their devices are critical to offload the helpdesk organization. (Source: Conquering today’s bring-your-own-device challenges, Aruba whitepaper)

5. What’s in the Cloud?

Oh that Cloud… another fast growing concern for companies. Most IT and security organizations prevent access of external (non-corporate approved) cloud storage. But when you implement BYOD programs, employees need to have access to their files and information. This means that, in the absence of remote computer access, files must be stored in a place that has anytime, anywhere access. It also means you have to consider whether you will grant access to cloud storage or if you will provide network storage that is accessible from all personal devices. In either case, your BYOD policy should outline proper cloud use and company-approved alternatives if applicable.

6. Impacts to Corporate Culture

It should be mentioned that your corporate culture should have a lot of influence on your BYOD policies. It’s a great advantage to having a BYOD program — increased employee availability, cost savings, and improved productivity — but your policy needs to consider how BYOD could alter your corporate culture as well. Using mobile devices generally translates into making quick decisions on the go, communicating outside of traditional business hours, and quick response times. Decide if your BYOD policies should establish limits or parameters around access and timeliness of response. You should also reinforce a culture of safety — not texting and driving and how to safeguard personal devices and company information contained on them. Make sure your policy is forgiving of mistakes while also being clear on BYOD best practices.

7. Who’s Footing the Bill?

When a company provides personal devices, it’s easy to establish the boundaries of who’s footing the bill. But when your emplyees are using their OWN devices, and generally on their own consumer accounts, the area of who’s paying the bill becomes very gray. For employees who work from home, companies have a policy as to whether the company or the employee pays for the employee’s internet access / usage. Some companies will 100% compensate the employee while other companies will not because teleworking is considered a “privilege.” Do you split the bill? Does the employee need to make sure the personal device is on it’s own account, separate from any other personal device accounts? Your BYOD policy needs to clearly state where you stand on all these issues.

Make sure you’re an employer who considers all the issues before allowing your employees to bring and use their own devices. Don’t wait to establish guidelines until after something detrimental occurs. It’s important get in front of the mobility movement by mapping out a detailed plan, considering all the advantages, disadvantages and issues involved with a BYOD program, implementing the policy, and then communicating to employees that it’s okay to bring your own device. (Source: Should you have your own Bring Your Own Device policy and program?, BLR). With established policies, BYOD can greatly benefit your company and your employees if thoughtfully applied.