When almost all employees have smartphones tucked away in their pockets when they come to work, it makes sense to want to implement a BYOD policy. For those who don’t know, BYOD stands for Bring Your Own Device. Simply put, a BYOD policy allows employees to use their devices at work to do work.
As we are all well aware, smartphones are more than capable of supporting business email clients, productivity suites, and enterprise VoIP apps. But we also know that they support Angry Birds, Candy Crush, and a multitude of other apps inappropriate for the work place. That’s why a policy must be implemented if you decide to have your employees bring their own devices.
Policies are difficult to write. It can be helpful to find some templates online to help you start out, but make sure you tailor whatever template you use to fit your business in particular. There are some awesome starting out materials and supplements from the White House, IT Manager, and Apple. These resources provide templates and toolkits for getting your policy started, here are some of the more important points that you need to be sure to address in your policy.
Define Your Devices
If you plan on having certain apps that your employees use, you’ll need to make sure that they are available across multiple platforms. If not, you may need to restrict what type of devices your employees can use. Incentives for getting a new device might need to be given in that case.
Back when Blackberries ruled the world, defining devices was easy. But, Blackberry is all but completely dead, and iPhones and Androids rule the business world. Windows phones are capable, but don’t have as many apps as iOS or Android.
Still further, you’ll want to be clear on whether or not you want to include tablets in your policy. There are a lot of tablets in the marketplace that are blazing fast and are business ready: iPads, Galaxies, and Surface Pros. Again, you’ll want to be wary of the operating systems, but most devices nowadays are capable of doing the job.
Most tablets support VoIP apps, so they can be used as phones, you’ll just want to read other user reviews and check ratings of the apps before you approve them.
As mentioned earlier, there are many productivity apps available on smart devices, but there are more anti-productivity apps. When talking about workplace usage in your BYOD policy it’s important to specify if it’s ever appropriate for an employee to use their device at work for non-work related purposes.
The answer usually is: sometimes. It’s not the best idea, in my opinion, to prevent your employees from texting their spouses or checking their personal email. Those things take very little time and quick micro-breaks are beneficial to an employee’s productivity. Banning Facebook or Angry Birds during the workday makes much more sense. Those kinds of apps turn micro-breaks into mega-breaks and greatly decrease employee productivity.
Since your employees’ devices will have both business and personal data on them, it’s important to regulate how your business data is being used, stored, and protected. First, and easiest, you’ll want to ensure that the devices that contain business data have more than the usual 4-digit or swipe-pattern passcode. There are plenty of apps out there that can perform that function.
One of the things that seem obvious, but is often overlooked, is clarifying who owns what data on the device. That way, as the owner of the business data on the phone, you’ll be able to securely wipe any of the business data off of the phone. If you are able to store all of your business’s data in the cloud, like through DropBox, which makes it easier to securely (and remotely) remove data from a device.
You’ll also want your employees to sign an agreement that they will not share business data with any unauthorised persons. Won’t work 100% of the time, but at least the employees will know very clearly that they are supposed to be careful with company data.
A backup plan goes hand-in-hand with the security protocol, but it’s targeted at employees that leave the company. In your policy, write a clause that states that you as the business owner have the right to remove any data or apps that belong to the business and have the ability to desynchronise apps from company email, documents, call records, etc.
All these policies seem determined to make the life of employees miserable. But really they are there to ensure that their rights are protected and that your business rights are protected as well. So, make your policy clear, to the point, and don’t leave room for interpretation.