What’s a Bee-YOD (BYOD)?

What is a BYOD anyway? The next hipster dog breed?

BYOD stands for Bring Your Own Device. You’ll normally see this term used in reference to devices that are brought into your office by your employees and contractors.

If you haven’t addressed it yet then now is the time! One of your most important business assets, your data, is walking out the door every day on your employee’s phones. Until you get a grip on how this data is being handled your business is at risk.

 

What’s in a good BYOD policy?

You can get a grip on your data by creating a Bring Your Own Device Policy. This policy addresses things like how your employees can use their phones while working and what data can be stored on their phones. It also can specify what you can do to their phone if an employee leaves your company.

These are all sensitive issues so it’s important to be very careful when creating your BYOD policy. The BYOD policy is a balancing act between protecting your business assets and infringing into your employees’ personal space.

 

SAMPLE BYOD

EMPLOYEE must agree to the terms and conditions set forth in this policy in order to be able to connect their devices to the THE COMPANY network and databases.

• Acceptable Use
  1. Personal devices that run Apple iOS, Google Android, or Microsoft Windows are allowed.
  2. Lost or stolen devices must be reported to THE COMPANY within 24 hours. The EMPLOYEE is responsible for notifying their mobile carrier immediately upon loss of a device.
  3. THE COMPANY allows any personal use of EMPLOYEE-owned devices during business hours as long as the device does not distract the EMPLOYEE. It is up the supervisor of the EMPLOYEE to determine if personal use of devices is causing a detrimental effect on the employee’s productivity.
  4. The EMPLOYEE is expected to use his or her devices in an ethical manner at all times.
  5. The EMPLOYEE should install Webroot on any devices covered by THE COMPANY’s BYOD policy. THE COMPANY will provide this software at no additional cost to the employee.
• Security
  1. Written approval must be given before any EMPLOYEE -owned device will be allowed to connect to any COMPANY-owned system.
  2. The device must lock itself with a password if it’s idle for no more than two minutes.
  3. After five failed login attempts, the device must lock and erase.
  4. The Employee’s device may be remotely wiped if:
     1. The device is lost
     2. IT detects a data or policy breach, a virus or similar threat to the security of THE COMPANY’s data and technology infrastructure on the Employee’s personal device.

• Risks/Liabilities
  1. While THE COMPANY will take every precaution to prevent the Employee’s personal data from being lost in the event it must remote wipe a device, it is the Employee’s responsibility to take additional precautions, such as backing up email, contacts, etc.
  2. THE COMPANY reserves the right to revoke these privileges if users do not abide by THE COMPANY Acceptable Use policies for safeguarding information and proper usage.
  3. The employee assumes full liability for risks including, but not limited to, the partial or complete loss of company and personal data due to an operating system crash, errors, bugs, viruses, malware, and/or other software or hardware failures, or programming errors that render the device unusable.

 

If you need help creating a BYOD policy then please give us a call at 512-832-6209. We’re here to help.