In the past, most companies provided all the hardware required for their employees. Many of us had a work phone that we kept separate or a lap top that was signed out from the IT department if we needed to work away from the office. Things have changed in recent years with more of us having our own devices that we use for work as well as at home.

What is BYOD?
A Bring Your Own Device (BYOD) policy allows employees to use their personal devices such as smartphones or tablets for work purposes, accessing various work data and valuable tools such as hosted email and collaboration software. A recent survey suggests that more of us are doing this than ever before (over 40% according to market research firm Gartner) and it is considered a cost effective way for many SMEs to operate.

The problem is that many businesses are often unaware of the potential security risks involved and may not even know that their staff are using their own devices to do company work.

Who is Using BYOD?
Start up SMEs are finding it increasingly useful to operate a ‘bring your own device’ policy because it cuts down on the costs of running the business and increases the ability of your new staff to work on the move and away from the office. In fact, 62% of small businesses currently operate some sort of BYOD policy in the UK. The issue that many SMEs face is controlling the sensitive information that may well end up on an employee’s laptop or tablet that can lead to data loss or breaches if the right security measures aren’t taken.

Why you need a BYOD Policy
It’s not just a question of making sure that your data is kept safe on your employee’s smartphone or tablet. What happens if the device is lost or stolen? How do you remotely wipe all that sensitive data? What happens when staff decide to move on to another organisation? Developing a robust mobile device management policy that protects the interests of your SME could well be one of the most important security issues you discuss with your IT consultancy when you decide to operate a BYOD policy for your business.

How to Develop a BYOD Policy
There are a number of key components that make up an effective and clear BYOD policy, including:
•State which devices are allowed as part of your BYOD policy and which are supported by your software.
•All BYOD devices need to be secure, that is, they will require strong passwords and screen locks enabled if they are going to be used for work.
•Define your boundaries. It is important that employees understand the level of support that is going to be provided for their device, including help desks and support for applications installed on their smartphone or tablet.
•You employees should be clear on who owns the business data and applications and that you have the right to wipe the phone or other device if it is lost or stolen (this is important because the process will also wipe the employee’s personal data such as images and documents).
•You will need to decide which apps can be loaded onto the device and those, which could cause security issues, which cannot.
•If employee devices are connecting to your VPN, then you will have to decide what personal usage is allowed/disallowed on your network.
•Because the employee owns their own device, you also need to have a strategy for when they leave the company that means your data and network processes need to be removed.

It’s a good idea to take advice from your IT support when setting up an initial BYOD policy for your employees.

Author's Bio: 

I am Erika Chitty. I work for M2Computing in Operations & Sales support. At M2Computing, We provide flexible and affordable Small Business IT Support, systems support, Cloud, Virtual Desktop and Blaze back up services across the South East, UK.