I’ve spoken with businesses regarding their mobile workforce and their stand on letting their staff use their own devices on the organisation’s network. And the final verdict on what organisations think of BYOD isn’t really out yet.
What you should know about BYOD policies
It’s a policy known as Bring Your Own Device, or BYOD for short. Interestingly, the reasons for the acceptance or the denial of the policy are quite contrasting and often vary based on the size of the organisations and their internal IT policies.
Most organisations are already allowing BYOD without even giving much thought on the consequences, good or bad. But let me help you by shedding some light on the policy overview.
The term BYOD was first introduced by Intel in 2009. It was defined as a broader policy under which the privileged company data could be accessed by the external devices not owned by the same company. As it was introduced, organisations worldwide followed the policy to a great extent. I can confidently say that almost all non-government organisations would allow their employees to bring their own devices and would actively encourage it.
If we ignore official email access for the moment, from the initial viewpoint, allowing BYOD into an organisation sounds like a more cost effective option and allows your workforce to work remotely. Having said that, in actual practice it can really cause disruptions while conforming to the organisation’s IT policies. On the other hand, the organisations that have not yet implemented an IT Policy will generally tend to allow BYODs. The main reason for this being that they don’t have a base line to work with, nor do they have anything to evaluate the risks against.
What should you consider before supporting BYOD in your network?
We find the general ‘line in the sand’ to be very vague and unfortunately is not always drawn for the right reason. Before a decision can be made it’s important to know the risks and costs involved upfront.
Although every organisation is different, the enterprise-oriented network perimeter is crucial to the success of the organisation’s BYOD implementation.
Besides the upfront hardware and network design, a problem area is often the misalignment of the expectations with a realistic outcome. Some of the grey areas that one must consider addressing up-front are:
Who is going to pay for the data usage?
What is a fair amount of data usage for work use?
Who pays to keep the device’s Anti-Virus up to date?
How is it ensured that security updates are applied to the client device and it’s up to date?
What about downtime caused by the user, how will it affect their capacity to do their job?
In the SME space specifically, it won’t be easy to disallow BYOD as there are too many advantages associated with its application. The biggest and the most important advantage for SMEs is the ability to be agile and adaptable to changing business dynamics.
My firm belief is that BYOD in an organisation, irrespective of its size, can be advantageous to both the user and the organisation. The key lies with a strategic implementation of an IT strategy to make the BYOD policy effective.
How do I implement a strong IT strategy for BYODs?
Formulating and implementing an IT strategy is a long and calculated task. I have included a few pointers below which would help the users to draft the initial framework of their IT Policy in order to implement the BYOD policy in your organisation:
Make sure that secure password policy is active and implemented.
Utilise an enterprise VPN solution that only allows each user access to the required infrastructure.
Enable logging of user logins and ensure regular auditing takes place.
Only allow single logins at a time.
Limit amount of data that can be stored on the users device – if possible utilise Microsoft Remote Desktop or Citrix.
There are many more questions that should be addressed before deciding on implementing a BYOD policy. Most of which are actually not technical – but are business decisions.
Your best starting point is to sit down with your trusted IT Managed Service Provider and discuss your specific requirements. Once this is in place you will have a clearer idea of what lies for you in it. Although this is not bleeding edge technology, the cost of doing this is not cheap. So be prepared to shell out $5,000 or more to design and implement a solution.
To find out more about how we can help you plan and implement an IT strategy for a BYOD policy, get in touch with us here.