Many companies are under a lot of pressure to allow personal mobile device use on the enterprise wireless network. Allowing BYOD provides plenty of advantages: enhanced productivity, saves money, and increases worker satisfaction. Many have already adopted BYOD, yet some are still fearful that this might cause significant challenges for IT departments. Either way personal mobile devices are coming to your secure wireless network, even if you don’t plan for them. To minimize risks like security vulnerabilities, support costs, and possible liability issues, companies should have a well-thought-out and clearly defined BYOD policy.
Here are some tips to help in developing an effective BYOD policy for your enterprise wireless network.
1. Device Selection
You need to start out by deciding what devices are permitted. Now there are many device choices, so it is important to decide just what you mean when you say "bring your own device." You may really mean bring your own iPad but not your other tablets? It’s important to make it clear to employees who are interested in BYOD which devices you will support and which you will not.
There is a lot of sensitive information the mobile devices connected to your corporate systems have access to. They need to have a complex password attached to their device at all times. Many people don’t even have a password or lock screens on their personal devices, because it interferes with their quick access, so this needs to be addressed to prevent any a security breach. The use of antivirus apps, other security software and firewall settings should be covered in your BYOD policy as well.
You must decide what apps will be allowed or banned otherwise called whitelisting or blacklisting apps. A BYOD policy should explain that IT has the authority to prohibit the use of certain apps that might threaten the security or integrity of the corporation. This applies to any device that will connect to your environment, whether corporate- or personal-issued.
4. Reimbursement Policy
Deciding whether to pay for your users’ devices monthly services either partially, in full or not at all is completely up to you. Whatever you decide you do need to explain exactly what your organization will and will not cover. Some companies cover a certain percentage and some cover up to a certain amount. The amount your corporation covers and the details should be clearly explained in your BYOD policy.
We’ve all had issues come up with mobile devices. To prevent your IT staff from being swamped with users requesting help, you can define a clear service policy specifically for your BYOD mobile devices. You need to have boundaries in place that address things like support for apps, loaner devices, limiting help desk tickets, etc. Addressing things like this and any other potential problems you think might come up can prevent misunderstanding later on when questions start popping up.
6. Acceptable Use Policy
It’s crucial that organizations identify which functions a given user can access, and what overall behaviors are acceptable. You need to be protected from users who may have, for example, illicit materials on their mobile devices. Chances are you’ve probably already got an acceptable use policy set in place for your corporate owned devices, so you can integrate your BYOD policy with your acceptable use policy already in place and add on from there.
7. Employee Departure Plan
You should carefully consider what your employee exit-strategy will be. You can choose to disable access or even a mandatory device wiping could be required. You should consider how you will back up the user’s personal photos, apps, video, etc. before the mobile device is wiped. However you decide to do so, you should come up with a clear plan for your employees leaving your organization and share it with them ahead of time so they know what to expect and you have the methodology down.
After your BYOD policy has been executed, to finish things up you need to have a written agreement in place for every mobile device user on your network. With an agreement you can be sure to raise awareness about the policy and its importance. Having them sign a written agreement also protects organizations in the event of a violation or dispute over the policy. A BYOD policy agreement should be very precise and clear to prevent any confusion or misconstructions about any aspect of the policy
These 8 tips should be a part of any good BYOD policy. If you have not embraced BYOD yet, get ready, because its proliferation will only continue to accelerate. Here at SecurEdge Networks, we specialize in building completely secure enterprise wireless networking solutions and always plan for the future of mobile devices. We can help address any potential issues up front and work on the optimum design so you can take full advantage of the many benefits of BYOD on your enterprise wireless network. Contact us here with any questions about BYOD or for a free consultation. We are always happy to help!