Your guide to drafting an ironclad BYOD security policy

Bring your own device (BYOD) policies have been gaining traction in recent years as a way to increase employee productivity and reduce company costs. But despite some lucrative opportunities, implementing an effective security policy remains one of the biggest challenges. If employees' personal devices can access sensitive data, you had better have a way to protect that data without stepping on employee privacy.

This wouldn’t be so difficult if Americans hadn’t developed such terrible security habits, such as reusing passwords or failing to protect their smartphones and tablets with PIN codes. When devices without those protections end up being used for work, it’s just a matter of time before your company suffers a disastrous data breach. That’s why you need a BYOD policy that respects the privacy of your employees without compromising security.

On that note, it’s important that you achieve employee buy-in when formulating your BYOD policies. Far too many companies make the mistake of focusing solely on corporate interests. This leads to restrictive policies that neither support the right devices nor give users the freedom they expect when using their own devices. No one will sign up for a BYOD policy that prohibitive.

The scope and purpose of your BYOD security policy

The purpose of any BYOD policy is to protect corporate data, whether it’s being transmitted from or stored on employee-owned devices. This means defining an acceptable use policy for those devices. In particular, it concerns which corporate apps and other assets employees will be permitted to access from their personal laptops, phones, or tablets.

Other critical aspects of your security policy include security controls such as multifactor authentication or web browser security certificates. Also, your policy should clarify what sort of support is available from your IT department should any issues occur.

Mobile device management and containerization

MDM software provides a convenient way for administrators to centralize the management of various devices. It tends to offer a better balance between control for the business and freedom for its employees. MDM solutions also provide the tools you need to safely integrate devices into the company network while giving administrators the controls they need to enforce BYOD security policies.

One recent development is containerization, which allows a portion of the storage space on a device to be segregated from the rest so that it can be controlled and monitored as a company-owned asset. It’s increasingly likely to be offered as part of a modern MDM solution because it allows employees to retain complete control over their own devices for personal use while protecting corporate apps and data with separate login credentials and security policies.

Device and application control

BYOD policies should only allow devices that meet certain criteria since there are no universal standards. However, there are a few best practices you should follow, such as disallowing jailbroken devices or those running operating systems that are no longer supported by their original manufacturers. It’s also a good idea to avoid enrolling devices that your IT department isn’t familiar with.

Another important area of consideration with BYOD is application control. Some businesses go so far as to prevent all access to app stores, while others attempt to block app categories like games and apps that hinder productivity. Unsurprisingly, such an approach isn’t very popular among most employees. If you want to blacklist or whitelist certain apps, then you’ll need to be prepared to provide company-owned devices to anyone who isn’t ready to agree to that.

Founders Technology Group helps companies in Eastern Connecticut and North Carolina reduce and mitigate digital risk with a full range of managed services and IT expertise. Call us today to schedule your first consultation.