BYOD: Erase the Risk, Create a Policy

Posted by Amanda Nieweler

on July 17, 2015

BYOD Survey Results

The Bring Your Own Device (BYOD) phenomenon isn’t just limited to North America, nor exclusively to large organizations. Globally, a staggering 89% of leaders from enterprise and mid-size organizations support BYOD in some form. And 69% view BYOD as either somewhat or extremely positive. These are very high numbers. Organizations around the globe are embracing BYOD and this will have profound implications on how an organization provisions devices and controls network access.

Recently, tyntec, a telecom-web convergence company, conducted a BYOD User Survey, collecting data from 1,320 respondents from audience panels in the US, UK and Spain. The respondents were preselected for their employment status as working at an organization with 500 or more employees.

BYOD is the new norm. Employees expect the same features and functionalities in their work lives as they have in their home lives. stock photo smartphone on wood table

Unsurprisingly, the survey data revealed that mobile phone usage is a reality of modern business for most respondents in every market surveyed. What employees are doing now, though, is using their personal mobile device for work-related tasks. It’s also very common for employees to continue working on their mobile device outside of working hours,  reaffirming one of BYOD’s unintended consequences: the blurred lines of the normal workday.

The survey revealed that use of personal mobile phones for work purposes is widespread across the board, with the US (61%) and Spain (69%) showing significantly higher adoption than in the UK (43%).

With employees accessing the organization’s network with their personal devices, it’s essential that the organization maintains a level of control over who has access to its network and data. Employees want more control over where and how they work and what tools they use to get the job done.

The considerable adoption of personal phones in the workplace hasn’t done much to force the creation of a BYOD risk management policy. Only a small subset of the respondents reported the existence of a formal BYOD policy at work. Furthermore, this disconnect extends to reimbursement practices as survey results indicated companies largely fail to compensate their employees for work-related mobile phone usage.

Demographically, respondents split nearly evenly along gender lines – 51 / 50 men and women – with the bulk falling in the 25-55 age range and coming from organizations with a workforce of 500 or more.

To keep up with this growing trend of bringing your own device to work, a successful BYOD policy needs to be implemented carefully. It needs to boost positive outcomes and at the same time mitigate risk.

Control Level: With employees accessing the organization’s network with their personal devices, it’s essential that the organization maintains a level of control over who has access to its network and data.

Ownership & Disclaimer: Your BYOD policy needs to state clearly who owns the data that is stored on employees’ devices, and what can be done with that data. It should be very clear that the organization owns the data and has the ability to remove the data from the device.

Lost or Stolen Devices: An organization’s policy should clearly state what happens if a device is lost or stolen. The employee should immediately notify the organization, and the organization has the right to wipe all data.

Privacy Expectations: Your organization’s policy should disclose the extent to which the employer will have access to employees’ personal data and emphasize that the organization cannot guarantee employee privacy for those who chose to opt to BYOD.

Compliance with the Law: Your BYOD policy should address general compliance with laws and regulations specific to your industry.

Cost: Your BYOD policy should be clear on any expectations regarding after-hours use to prevent wage claims.

Confidentiality: Your organization’s BYOD policy should reiterate that employees must abide by all company policies related to the organization, client and vendor information.

Employee Consent: As with any organizational-wide policy, it’s recommended that the organization gets its employees to attest to the BYOD policy in writing.

Employee Termination: Your policy should clearly state what procedures happen in the event of employee resignations or terminations, in terms of BYOD devices and the data stored on them.

Find out more about building out your BYOD policy by downloading the eBook: 9 Items to Include in your BYOD Policy.

eBook: 9 Important Items to Include in Your BYOD Policy

Source:
  • http://tyntec.com/sites/default/files/uploads/tyntec-byod-summary-20150709.pdf