Implementing a Perfect BYOD Policy

By CIOReview | Friday, September 2, 2016

Mobile phones, laptops, and tablets have taken enterprises by storm and their role in the success of business operations is quite necessary in today’s world. According to Gartner, “by 2016, use of mobile apps will surpass that of Internet domain names, making mobile apps the dominant means of engaging with brands.” In such a scenario, apps that presents legal and security concerns should not be permitted in any business environment. Moreover, implementing a BYOD policy can invite various possible attacks on business-critical data as mobile devices are the weakest links when it comes to security. A seamless ‘Bring Your Own Device’ or BYOD policy should take into consideration many important factors like stringent security policies, type of devices, and types of apps permitted.

Increased risk of data leakage, vulnerability exploitation, theft of enterprise devices, mixing of personal and business data, and modification of IT infrastructure can be some serious concerns in BYOD programs.

Steps to Enforce an Agile BYOD Policy

1. DEFINING SECURITY POLICIES: Employees have their own discretion about having their passwords over lock-screens on their devices. This shouldn’t bother them as the information on the devices is much more sensitive than their comfort. The security policy should be panned out exclusively to the employees and the guidelines should be explained extensively. The device security policies should be made comprehendible and not complex. In case of theft or loss of device, the recurring process to wipe out data should be carried instantly to ensure the data is protected.

2. PERMITTING SPECEFIC DEVICES: Various employees have different kind of devices with different IOS supporting them. Enterprises need to know what actually supports their software and how it would be feasible for both the employees and company to ensure their seamless working in their IT infrastructure. Various enterprises don’t support Apple IOS but support Android. Similarly BlackBerry has been in business for long, but now its trend is fading away. So enterprises need to decide exactly what devices they want to permit. 

3. CONSIDERING ACCEPTABLE USE POLICY: This is considered as a grave issue in terms of keeping raincheck on the employees when they share the VPN. Organization need to set the boundaries for the access of certain websites and content.  The transmission of inappropriate material over the network of the enterprise can be a problem and the enterprises need to set limits to it. Enterprises need pan out basic monitoring techniques to ensure these violations are being reported and a proper policy to report them.

4. SERVICE POLICY FOR EMPLOYEE DEVICES: Employees need to be briefed about level of services provided by the company for their devices. They need to identify the line where they have access the device or not. Enterprises need to explain their employees the security of the personal data on the devices and how far can IT support of the company address their issues. Issues like, the level of support to be offered, support for applications on devices and support for hardware malfunctioning of the device need to be addressed prior to implementing BYOD technology.

5. DEFINING THE EMPLOYEE EXIT STRATEGY: One can’t expect an employee to stay with the company forever and if he/she happens to own a company device, enterprises need to have a strategy to wipe out all the critical enterprise data from the device when he/she leaves. Not only that, company should have a policy to retrieve and save all the personal data of the employee from that device. Generally, companies prefer to disable email and the synchronization from the device which don’t act as clean getaway, IT experts need to totally wipe and reconfigure the device keeping the personal data in mind.


In the coming times, the realm of BYOD will see more devices thronging the IT infrastructure and CIOs CEOs need to have a vision to mold the policy with the rising technological changes. Artificial intelligence is predicted to play a big role in shaping up the BYOD technology in future. As BYOD provides benefits endlessly it also needs a proper planning and policy to make sure it works seamlessly.