Eight steps to a successful BYOD strategy
BYOD (Bring Your Own Device) can mean lower costs and increases in employee productivity; or it can cost you your business.
That’s right, although the implementation of BYOD does bring many benefits, it is not without risk.
Poor implementation and undeveloped policies can create vast security and privacy concerns, increase the risk of distraction, and sometimes introduce legal difficulties.
Fortunately, a well-thought out strategy will help to mitigate these concerns, while maximising the advantages.
With that in mind, here is our 8-step process to a successful BYOD strategy.
Step 1: Appoint a core team
The first step is to appoint a small dedicated team to handle all things BYOD. They will deal with everything from analysing your current BYOD situation to devising BYOD goals alongside the best strategy to achieve these.
While the responsibility of BYOD may largely sit with the CIO, a multidisciplinary team is required to develop a coordinated policy. For example, IT staff may take the lead in selecting technologies and looking at security risks, but the broader details will need to be looked at with staff from HR, legal and other business units.
Step 2: Define and align goals
Over the years, it’s become increasingly clear that the most successful BYOD deployments are those that have been tied to the broader business initiative. Granted, this may not have been possible in some cases throughout Covid19 due to the rush surrounding implementation. However, to develop a sustainable strategy for the future, your BYOD objectives should be set with a clear knowledge of how they fit with the business’ overarching strategic goals.
By answering the question of “why are we doing this?”, you will undoubtably find the process of agreeing on the how far easier.
Step 3: Understand security and compliance risk
Security and compliance are likely to be a concern and key consideration for any organisation. However, requirements will vary by company and division. For instance, certain businesses may process highly sensitive data on a daily basis, such as personal medical records; whereas others are required to keep and record phone or email interactions for regulatory purposes, such as those monitored by the Financial Services Authority.
Whatever you circumstance is, a vulnerability assessment will be necessary to establish what the exact risk threshold of implementing BYOD on your business is. As a result, you will be able to look at risk management measures, remote access controls, how devices are monitored, and more.
Step 4: Select scope of policy
There is no one-size fits all approach when it comes to selecting the scope of your policy. A strong policy though will include the following in a clear and concise format for staff:
- Acceptable use - which activities are permitted/prohibited for business or personal use
- Devices - what devices are compatible/not compatible
- Apps - which apps are permitted/not permitted, including download of new apps
- Ownership of apps and data and their management
- Support and service - how to deal with connectivity issues, configuration of apps, forgotten passwords, etc.
- Security - what measures will be put in place to prevent unauthorised access to business data and systems, enable remote management of device, etc
- Liabilities – e.g. for costs associated with the device or for the loss of data or device
- Termination of access – e.g. for non-compliance with policy, or an employee exit
You will also need to provide staff with guidance on:
- Keeping a device secure through software updates
- How to create strong passwords and how often they need to be reset
- How to handle storage of personal data on devices
Step 5: Establish processes
Th next step is to establish BYOD processes for your workforce. Mature processes will streamline the setup, allowing your employees, and therefore the business, to be more productive. For example, consider elements such as your enrolment process or if you require an agreement to be signed by staff to make sure they understand the policy.
Again, this needs to be laid out in a short and to the point format, making it clear what is expected of staff from the start.
Step 6: Choose tools and resources
When it comes to BYOD, there are a range of solutions available to manage associated risks. Choosing the most suitable solution will depend on your goals and objectives, as well as security and audit requirements. Most commonly, businesses enable the setup via Mobile Device Management (MDM) or a secure container approach. MDM is the administration of devices in the workplace, including installing, securing, monitoring, integrating, and managing of those devices. A secure container on the other hand uses software to create an isolated environment for data, applications, and other business resources.
Many businesses find it beneficial to seek external IT help when choosing the BYOD tools and resources. A third-party IT vendor will have an extensive overview of the BYOD landscape and know the right fit for your organisation.
Step 7: Educate employees
By now, you’re most likely aware of the importance of a BYOD policy and what to include. But without employee buy-in, the setup will fail. Indeed, if staff feel threatened by solutions or overwhelmed by policies, they may be less likely to follow the right processes – thus putting your business at risk.
BYOD education should start immediately when users begin working for your business and continue with occasional refreshers. Training can run in person or online, and should focus on raising employee awareness, as well as keeping everyone up to date on best practices.
Step 8: Revisit your strategy
Once you’ve gone through these 7 steps, the job is not over. BYOD is a complex, ever changing landscape that requires you to revisit it regularly. Your team need to dedicate time to conducting reviews of processes, policies, and tools, as well as assessments of security risks. At a minimum this needs to be done once a year. Depending on the nature of your organisation though, every quarter may be more appropriate.
Conclusion
While employees enjoy the convenience and familiarity of working on their device of choice, BYOD can be a major headache for IT departments – let alone amid a global pandemic where CIOs and business leaders are under more scrutiny than ever to facilitate secure home working at pace. But the end result can be well worth the effort. Undeniably, following these 8-steps will ensure you create a solid strategy that will mean more than just increased productivity. Employee morale soars, hardware costs are cut, and staff can work from anywhere with ease.
With over 16 years of experience within the IT sector, the entrust IT Group have overseen may BYOD projects for customers. Each of them with their own unique needs, we worked with them to develop policies and processes that met these. By coupling this work with the right solution, whether that be MDM or a secure container approach, they were able to future-proof their business and pivot quickly to home working throughout Covid19, without concerns over security and compliance. If you’re unsure which way to go, or lack in expertise, we can help – email enquiries @entrustit.co.uk or call 0330 002 0045.
Subscribe here!
Recent Posts
Posts by tag
- technology (124)
- Security (97)
- cyber security (85)
- IT Security (81)
- Cloud (65)
- Microsoft 365 (63)
- modern technology (62)
- Managed Service (60)
- business (60)
- cloud computing (59)
- cyber attack (54)
- workplace (54)
- IT support (53)
- cloud it (53)
- Microsoft Teams (52)
- microsoft (51)
- Working from home (50)
- productivity (47)
- office (46)
- cybersecurity (44)
- office 365 (44)
- IT (41)
- Uncategorised (38)
- employees (38)
- entrustit (38)
- flexible work (36)
- Password Security (34)
- Remote (33)
- efficiency (31)
- Hosted Workspace (30)
- hosted desktop (30)
- schools (29)
- independent schools (28)
- school ict (27)
- collaboration (26)
- 2023 (25)
- Cyber (24)
- cyber privacy (22)
- public cloud (22)
- computing (21)
- email security (20)
- password (20)
- it support bournemouth (19)
- passwords (19)
- entrust (18)
- hosted applications (18)
- VoIP (17)
- cloud voip (17)
- covid19 (17)
- hacking (17)
- private cloud (17)
- data (16)
- it support dorset (16)
- teamwork (16)
- Coronavirus (15)
- GDPR (14)
- hackers (14)
- office 365 support (14)
- ransomware (14)
- IT audit (13)
- Protection (13)
- cloud cctv (13)
- covid-19 (13)
- hack (13)
- it support hampshire (13)
- management (13)
- network (13)
- Hosted Desktop and Applications (12)
- Windows Virtual Desktop (12)
- cctv (12)
- hardware (12)
- internet (12)
- it consultancy (12)
- 2020 (11)
- 2022 (11)
- hybrid cloud (11)
- internet safety (11)
- IT costs (10)
- Microsoft Planner (10)
- data breach (10)
- it consultancy bournemouth (10)
- it support southampton (10)
- it support winchester (10)
- phishing (10)
- vulnerabilities (10)
- windows (10)
- windows 10 (10)
- Backup (9)
- bitwarden (9)
- digital (9)
- it consultancy hampshire (9)
- telephony (9)
- attack (8)
- communication (8)
- desk phone (8)
- education (8)
- eu (8)
- it consultancy dorset (8)
- it consultancy southampton (8)
- msp (8)
- planning (8)
- software (8)
- staff (8)
- uk (8)
- Google (7)
- OneDrive (7)
- infrastructure (7)
- mobile (7)
- offsite backup (7)
- outsource (7)
- partnership (7)
- 2019 (6)
- Apple (6)
- Hampshire (6)
- IT Director (6)
- Skype for Business (6)
- apps (6)
- architect (6)
- child protection (6)
- cloud storage (6)
- european union (6)
- hacks (6)
- legal (6)
- legal it (6)
- mobile phones (6)
- onsite backup (6)
- password manager (6)
- remote desktop service (6)
- usecure (6)
- virus (6)
- 3d design desktop (5)
- Azure (5)
- Bournemouth (5)
- Desktop (5)
- ISO (5)
- News (5)
- Risk assessment (5)
- Windows 7 (5)
- awards (5)
- brexit (5)
- designer (5)
- personal data (5)
- resources (5)
- smartphone (5)
- website (5)
- Access Management (4)
- BYOD (4)
- Dorset (4)
- Facebook (4)
- Government (4)
- SharePoint (4)
- VPN (4)
- WannaCry (4)
- ios (4)
- law (4)
- legacy (4)
- proactive (4)
- remote learning (4)
- 2021 (3)
- 2024 (3)
- Attacks (3)
- Case Studies (3)
- General (3)
- Google Drive (3)
- Help (3)
- IP (3)
- Microsoft Forms (3)
- NHS (3)
- New Forest (3)
- Zoom (3)
- big switch off (3)
- budgets (3)
- citrix (3)
- closed cloud (3)
- ddos (3)
- digital hub (3)
- disaster recovery (3)
- guide (3)
- instagram (3)
- internet of things (3)
- meetings (3)
- sme (3)
- storage (3)
- surrey (3)
- teaching (3)
- trump (3)
- twitter (3)
- 2016 (2)
- 2018 (2)
- CAD (2)
- DR (2)
- DR planning (2)
- Environment (2)
- Firewall (2)
- Gen Z (2)
- ISBA (2)
- Local (2)
- Macs (2)
- Microsoft Copilot (2)
- PaaS (2)
- Tiva (2)
- android (2)
- artificial intelligence (2)
- award winning (2)
- bcs (2)
- broadband (2)
- camcloud (2)
- computer performance (2)
- digital transformation (2)
- downtime (2)
- dropbox (2)
- exhibition (2)
- finalist (2)
- innovation (2)
- legalex (2)
- london (2)
- macos (2)
- online meetings (2)
- organisation (2)
- paypal (2)
- predictions (2)
- president (2)
- strategy (2)
- united kingdom (2)
- us (2)
- video conferencing tools (2)
- 1998 (1)
- 5G (1)
- AI (1)
- AMD (1)
- ARM (1)
- Abbey Hill (1)
- Aldwickbury Park (1)
- BBC (1)
- BUNKERS! (1)
- Birchwood Park (1)
- Burhill (1)
- Burhill Group (1)
- Burnout (1)
- CEO (1)
- ChatGPT (1)
- Cloudtango (1)
- GPT-4 (1)
- Go Integrator (1)
- Hoebridge (1)
- Ignite 2018 (1)
- Ignite 2020 (1)
- Leaders (1)
- Loop (1)
- MFA (1)
- MSP Select 2024 (1)
- Market (1)
- May (1)
- Mr Mulligans (1)
- Multi Factor Authentication (1)
- MyAnalytics (1)
- Ninja Warrior UK (1)
- PBX (1)
- PM (1)
- Power BI (1)
- Privacy Shield (1)
- Ramsdale Park (1)
- Redbourn (1)
- Regulation (1)
- Surrey Business Awards (1)
- Sydenhams (1)
- Tech Company of the Year (1)
- The Business Magazine (1)
- Thornbury (1)
- WCry (1)
- WannaCrypt (1)
- Wifi (1)
- Wycombe Heights (1)
- acquisition (1)
- afc bournemouth (1)
- afcb (1)
- ashley madison (1)
- b2b (1)
- bandwidth (1)
- battersea (1)
- beach (1)
- big data (1)
- bloatware (1)
- blockchain (1)
- builders merchant (1)
- cambridge analytica (1)
- canada (1)
- cia (1)
- clinton (1)
- cnn (1)
- copilot (1)
- copilot pro (1)
- copyright (1)
- cryptocurrency (1)
- dark web (1)
- dns (1)
- donald (1)
- dyn (1)
- east grinstead (1)
- election (1)
- equality (1)
- executive order (1)
- farnham (1)
- fax (1)
- football (1)
- gchq (1)
- grinstead (1)
- intel (1)
- intelligence (1)
- josh widdicombe (1)
- landmarks (1)
- learning (1)
- legal technology forum (1)
- machine learning (1)
- meltdown (1)
- millennials (1)
- mirai (1)
- no-deal (1)
- onsite (1)
- paper (1)
- patisserie valerie (1)
- performance reviews (1)
- pound (1)
- premier league (1)
- procrastination (1)
- recruitment (1)
- research (1)
- serval systems (1)
- sharefile (1)
- smishing (1)
- snowden (1)
- solent (1)
- solent business awards (1)
- solentBA (1)
- spectre (1)
- sterling (1)
- storm (1)
- talktalk (1)
- trumppresident (1)
- ukitawards (1)
- united states (1)
- usa (1)
- vault 7 (1)
- vitality stadium (1)
- whatsapp (1)
- white (1)
- white house (1)
- wikileaks (1)
- wireless internet bournemouth (1)
- wireless internet southampton (1)
- women in business (1)
- xiongmai (1)
- year (1)