5 Proven Tips for a Successful BYOD Program
You reach back and hand your 5-year-old daughter your iPhone.
“Listen, just put on ABC Kids and watch Bluey…so I can…concentrate…this traffic is horrendous.”
The local council had filled the potholes, only for them to fall apart again. But truthfully, the roads are hidden obstacle courses currently. And peak hour is your new nightmare with traffic back to pre-pandemic levels.
Just navigating in the wild, wet weather and bumper-to-bumper crawl along Dandenong Road, you know it’s easier to cave. Anything to stop the continuous whinging in the back seat.
So you give in, passing your iPhone to entertain the little one.
But you should have remembered that you were using Microsoft Teams to send sensitive information to a workmate. Now, your daughter is on MS Teams, sending her own messages.
You see, it is that easy to access secure IT systems when your business has allowed a “Bring Your Own Device” (BYOD) program.
And you thought she was watching Bluey and Bandit…
The uptake of smartphones led to an opportunity for software developers to create business apps to solve common workplace problems. With the convenience of anywhere, anytime access, smartphones changed how and where you could work.
60% of endpoints in a company network are smartphones, according to Microsoft. And with smartphones making up the majority of endpoints, they also complete 80% of the work. But many Melbourne businesses need to pay more attention to implementing measures to reduce cyber threats.
Many are employee-owned mobile devices, which can be a cost-effective way for businesses to remain productive. And your employees only need to carry one device. So does using a personal device for work leave your business vulnerable to hacking?
83% of companies have introduced a BYOD policy. It’s easy to implement securely, but many business leaders need to know which devices connect to their systems. Or even which devices have data stored on them.
Here are five ways to ensure you run a secure and productive BYOD program:
1. Introduce a BYOD policy
Your business must have a clear policy for your Bring Your Own Device program. If you don’t have a policy that you implement and communicate to your employees, you are leaving your business exposed to cyber criminals. For example, employees may connect their devices to public WiFi, so they must understand the potential security risks.
But a policy alone is not enough. For example, spend time investing in regular training and upskilling employees around the BYOD policy, so they fully understand how to use their devices securely.
2. Review and update your BYOD policy regularly.
You should review your BYOD policy regularly to keep it ‘evergreen’. When your policy appears dated, your employees may decide it’s no longer relevant.
And ignore it.
So taking time annually to review your policy’s effectiveness and its fit for purpose is critical.
3. Use Zoom Phone (VoIP) for work-related calls
Have you considered what happens when an employee leaves and they have given out their personal phone number? Surprisingly, 65% of employees admitted to handing out their phone numbers to clients before the pandemic. Most said this was due to moving from the office’s desktop to mobile phone. For example, they were walking to a conference room for a meeting. But, of course, once a client has a direct phone number for the employee, they are likely to save it to call next time.
Imagine the miserable customer experience your clients have when they call that phone number in the future. And the employee has resigned. Not only that, but they don’t return the call or tell you about it.
That’s why choosing a Zoom Phone (VoIP) can resolve these issues by providing one single number for each employee. This way, your business owns the allocated phone number. Your employees can make and receive calls through their assigned business numbers. It doesn’t matter if it’s on their laptop or mobile phone; they can effortlessly transfer the call.
4. Restrict what data employees can save
Before the pandemic, many employees used their devices, such as mobile phones, for work. Now, many employees use their personal computers for remote work, which can lead to an increased loss of control of business data across personal devices. To prevent security breaches, you should restrict the types of data your employees can store on their devices. And just as important, you should include that data in your business backup.
5. Enforce regular updates
Failing to update or patch your employee’s personal devices increases the risk of a data breach. All endpoints must be regularly updated, including those owned by employees. Some business owners need help to ensure employees keep their devices updated. So, they engage a managed service provider (MSP) to help administer their endpoints. An MSP can set up automated updates and push them to all devices connected to your network. This process happens seamlessly without raising any employee privacy concerns.
With the remote monitoring and management (RMM) platform, you can improve your IT system’s security. We can also use a Mobile Device Management (MDM) system to secure your phones and tablets. An MSP can help you identify and safelist devices for your network. And by safe listing, you can block devices to exclude in your endpoint manager.
Bonus: Ensure you properly offboard your employees
What happens when an employee resigns from your business?
Do you have an established process for digitally offboarding them?
Will they still have access to their work email on their devices? Passwords?
You need to ensure your exiting employees are digitally offboarded. You must copy and remove any company data saved on employees’ personal devices. And you deauthorised their devices from your network, too.
Do you need help with endpoint security?
If you need guidance or support around how to run a secure BYOD program, we can help. But first, let us review how your business uses personal devices and recommend the best approach.
Contact us today for a free consultation.
About the author
Yener is the founder and Managing Director of Intuitive IT. Prior to running his own business Yener worked for a number of corporate organisations where he gained invaluable experience and skills, as well as an understanding of how IT can complement and improve business outcomes.