Bring your own device: get your BYOD policy right


Date: 30 April 2013

Bring your own device in action{{}}

Unlike in the photo, tablets usually have something on the screen when people use them.

Each year, small business owners are bombarded with a barrage of new acronyms and hot tech trends to watch – some of which are more applicable to a small and growing businesses than others.

But bring your own device (BYOD) is not something they can dismiss as a buzzword irrelevant to their own organisations. In fact, with a massive 40% of UK small business workers able to choose the device they work on, compared with just 20% of large enterprise workers, BYOD is more of a reality for small businesses today than their larger counterparts.

The reality is that BYOD is pervasive, whether businesses like it or not, or have a BYOD policy in place. Employees are truly driving the change, with 37% bringing non-compliant devices into their business networks before formal policies are established.

What’s more, consumer appetite for such devices shows no signs of cooling. More than six million Brits had a smartphone as well as a tablet in December 2012. The same comScore research found almost a third of all UK page views come from mobiles and tablets.

Benefits of BYOD

So what benefits could BYOD offer business? For smaller companies, there is the clear IT infrastructure and cost rationalisation for allowing employees to use their own devices. However, perhaps more significant is what BYOD promises in terms of productivity.

A Dell Quest study into global BYOD trends (PDF link) found 70% of companies believe BYOD improves employee productivity and customer response times. With the flexibility to use devices that best suit their preferred modes of working, employees have an opportunity to work more efficiently and creatively.

What’s more, as the blurring of the private and business worlds continues, employees are going to demand more from IT, so there will be an increasing need for businesses to offer a culture of enablement, rather than one characterised by limitations.

This may explain why 71% of organisations believe implementing a BYOD policy improves workforce morale, while 65% recognise it can be a valuable tool for attracting and retaining talent.

These advantages can help a business to maintain its competitive advantage and avoid getting left behind – something 59% of organisations (PDF link) feel could happen in the absence of a formal BYOD policy.

But the onslaught of multiple devices and operating systems means  businesses are grappling with the task of safely and securely enabling staff to create a personalised workspace that enhances the user experience and promotes productivity.

Creating a BYOD policy

There’s no one-size-fits-all approach when it comes to BYOD policy, but there are some key considerations for businesses:

  • Access rights and data security. Data protection is the largest pain point for businesses grappling with BYOD. As privately-owned tablets log on to corporate networks and exchange company files, it becomes harder for businesses to guarantee the accessibility, availability and protection of data.
    IT must become an enabler, ensuring data is available regardless of where and how it is stored and accessed. Business owners must account for company data that’s out and about with an employee, ensuring its security when moving between secure corporate servers and unregistered personal devices.
  • Financial and management considerations. The more devices accessing the likes of email and remote desktop, the more support issues come up, stretching IT resources. A strict policy helps minimise these costs. 
  • Accounting for the user. Users themselves are the principal security risk within an organisation. Companies not only have to deal with people bringing in devices, but also other home-owned and managed applications and services as users demand a specific experience in their work environment.
    As time goes on, more devices, operating systems, services and apps will provide a growing number of interfaces with corporate data. A company must consider how they can implement policy-based user and content management to mitigate the risks.

Crucial to any successful policy is ensuring that an employee-centric approach is taken. Companies mustn’t only consider productivity and cost-savings, but must ensure users are comfortable committing to a BYOD programme:

  • Make workflows simpler for employees. Find and implement data solutions that help integrate personal devices and traditional IT without complicating things for employees. Use desktop virtualisation to enable access to corporate content, personal content and external material in the same interface without jeopardising the integrity of corporate data from any location.
    Mobile device management systems (MDM) help a business monitor when staff send and receive email, and access corporate data and external sites - depending how the employer configures their system. Staff must be comfortable with how their personal devices are monitored for security.
  • Outline how devices may and may not be used when connecting with company resources. Outline which operating systems, apps and sites will work, and those which may have limitations. Provide alternatives, not obstacles. Prevent employees using unsafe services by providing adequate alternatives.
  • Clearly detail the security requirements for password protection, the rights of the company to lock or locate a lost device, and how much staff can expect the business to pay towards the cost of equipment and data use.
  • Take a multi-layered approach to technology. Combine numerous security technologies into a layered approach with proactive and reactive data protection. Carry out regular security audits to ensure vulnerabilities are addressed.
  • Future-proof your business. Update your business continuity plan to reflect BYOD realities. For example, make it easy to report lost devices so the company can cut access swiftly.

Far from being the current hot trend, BYOD is already happening. Those businesses able to approach it with preparation, the right technology, and an open mind will be primed for success.

Sarah Shields, General Manager and Executive Director, Dell UK.

What does the * mean?

If a link has a * this means it is an affiliate link. To find out more, see our FAQs.