The bring-your-own-device (BYOD) trend has been touted as a great workforce enabler but is equally seen as security headache for many workplaces.
It’s all well and good when employees purchase their own equipment and opt to put in more hours and are able to work remotely. However, one of the data security concerns companies have to face is when a worker resigns or is let go and the question arises as to whether there’s some corporate data in the personal device he or she is taking along.
Your best move is to plan ahead.
For starters businesses can write up a BYOD policy that every worker has to agree with.
Here are some issues to consider:
- Set an appropriate and realistic definition of “acceptable business user” that will cover devices in the BYOD program and set limits on activities that directly or indirectly benefit business
- Come up with a realistic and acceptable definition and limits of “acceptable personal use.
- Define what company data and resources may be accessed with personal devices
- Now that some manufacturers offer features that segregate personal and corporate space on their mobile devices like BlackBerry’s BB10 Balance and Samsung’s Knox, company should consider how these developments will affect their BYOD policies
- Determine a schedule when devices should be handed to IT for configuration of work-related apps and accounts
- Make a list of security requirements that have to be met before personal devices are allowed on the BYOD program
- Make a list of procedures to be followed when devices are lost, stolen, misplaced. This could include procedures on what to do when an employee’s employment is terminated