BYOD (Bring Your Own Device) is already well established in many larger companies as well as smaller ones. It’s not only big business that is taking advantage of all BYOD has to offer. One of the first things that any company needs to consider before anything else is a good policy, whether it is a small business, a new business or a well-established organisation. Establishing a comprehensive BYOD policy is the underpinning to any successful BYOD programme. We spoke to commercial asset recycling company Coara, based in London, to discuss how they had implemented their policy. The security of their system was especially important because they handle confidential waste disposal and IT recycling on a daily basis so understand the issues involved.
Employees should be provided with proper direction for using their own devices within a working capacity. IT departments also need to educate employees and also need the authority to manage employee-owned devices and to do so with as much authority as they previously did with company-owned devices.
Some of the most important points to address within a successful policy are naming the devices which are approved by management and security procedures.
There are many benefits for both employee and management in terms of BYOD and these include more power for employees to self-manage which in turn gives employees more confidence in their position of trust within a company; IT hours are saved as employees can update the business blog and manage things to a certain extent themselves.
MDM (Mobile Device Management) being set in place is an important factor as it will enable IT to ensure that policy is adhered to right across the board and allows access to devices when necessary….in the event of an unauthorized device gaining access to a company’s network for instance.
MDM also allows the ability for IT departments to wipe out certain information in the even of device loss including apps, photographs and other content. This ability can be managed effectively in order to protect user’s personal details to some extent although in the event of the loss of a device through theft this is possibly a moot point.
Policies need to be set in motion with all parties in agreement, they need to be discussed in detail before they are rolled out and great care needs to be taken to ensure that both employee and employer are equally protected and equally happy with the outcome.
In the event of an employee leaving the place of employment there needs to be care taken in removing all company data and access from the user’s device.
With the growth of BYOD so rapid, there is an urgent need to secure the future of employee’s privacy as well as company information and care needs to be take to ensure that the public’s personal information which is held by many businesses is never put at risk.
Personal medical records and banking details are most at risk with the rise of BYOD and policies need to reflect this as well as the safety and comfort of their employees.
Advice for policy making is available and the Information ICO (Information Commissioners Office) has guidelines for businesses and employees who are seeking answers to some of the many questions raised by BYOD and MDM.
Finding answers to the many questions that have been and will be raised by BYOD and MDM are not simple and there will be some changes to the laws relating to data protection before things are satisfactorily set up for the future.