Many employees like to bring their own smartphones, tablets, etc. into work and use them for work purposes – it’s a lot more convenient than having to carry two of everything all the time! Using your own device has become even more commonplace in the last two years.
However, despite these trends, on face value, it appears that many employers have yet to create a policy to cope with this increase in the use of personal devices, something that is critical to protecting both the employer and employee. If you’re not going to impose an outright ban on the use of personal devices (virtually impossible) then you need to create a policy of who gets access and who doesn’t.
To create a working policy regarding personal devices, you need to understand the problems associated with employees using their smartphones or tablets in the workplace. These include potentially introducing malicious websites/apps to access your network; third parties obtaining lost or stolen devices allowing them to access address lists, documentation and other confidential data that is stored on a company network; the personal information that is stored on employee devices getting mixed up with company data; and the risk that employees could use jailbroken devices from which proprietary security applications have been removed. Given all these risks, it’s well worth running a professional risk assessment to ascertain how vulnerable your system is.
However, there are some benefits to allowing employees to use their own devices. When employees use their own devices, they are more productive and can work remotely. In addition, they are paying for their own device and contracts and this keeps your costs down.
If you decide the benefits of personal device use outweigh the risks, you need to create an effective personal device policy. It is imperative that this is straightforward and avoids any technical language. Give your employees a list of apps they can use for work purposes and ask them to confine their activities to those. Mandate security software; pay for it if you have to. Finally, train your employees on the safe use of their own devices on your network.
If any of this seems problematic, get in a professional to help you create a safe policy; a few hundred dollars spent now could save you many thousands in the future.