Cisco Blogs


Cisco Blog > Small Business

5 Mistakes to Avoid When Implementing a BYOD Policy

April 2, 2014
at 12:15 am PST

With about 90 percent of Americans owning a cellphone and 58 percent of them having a smartphone, it’s no wonder that BYOD — Bring Your Own Device — is growing in popularity in the workplace. Not only do businesses benefit by saving money, but employees are able to use their devices to connect to their office’s network from anywhere.

With responsibility comes risk, though. Here are five mistakes to avoid when implementing a BYOD policy.

Not Training Employees Properly

As with any other new program you put in place, you need to provide the proper training so that everyone involved — your employees — are aware of the risks they’ll face. It’s easy to overlook training when implementing a BYOD policy because people are using their own devices, but that’s exactly when mistakes happen, and then the company becomes vulnerable to external (or sometimes internal) threats. Make sure to educate your employees on what they can and can’t do on your wireless network, and make them sign paperwork so that they’re held accountable.

Not Including a Device Wipe Policy

When you allow employees to connect to your network and hold sensitive information on their devices, it’s important that you have safeguards in place just in case they lose their phones or it gets stolen. One of these safeguards includes being able to erase all the company data on the phone in an instant. Remember to make sure your employees are aware that you’re able to perform this operation so they can back up the data they want to save. Be sure to have them sign a waiver so they don’t have legal recourse in the event their phone is lost or stolen.

Not Taking Into Account That Some Apps Aren’t Safe

When training your employees, it’s important to highlight the importance of carefully considering which apps they can download and which ones they should stay away from. It’s best to simply think that most apps available for download online will steal your sensitive data if you download them. Make sure your company restricts access to any apps that are known to cause problems. Although you want to trust your employees with BYOD, you must monitor their activity so you can institute safeguards to protect them and, more importantly, your company.

Not Creating a Set of Standards for Employees to Abide By

The point of implementing a BYOD policy is to save the company money while providing flexibility to employees. With that said, BYOD can easily offer too much freedom and liberties that employees simply can’t handle without a bit of control. When introducing a new BYOD policy, make sure that you create a set of standards for employees to abide by. These standards should be followed by the person who owns the data, the person who owns the device, and the person who owns the software. Make sure to strictly enforce these standards and have employees sign a document acknowledging them.

Not Reviewing the Company’s Network Issues

No matter whether employees are using smartphones or Samsung tablets, it’s likely they’ll run into an issue when using the company’s wireless network. These issues can range from malware and viruses to loss of security and support issues. It’s important for companies to invest in a support system — no matter the cost or the inconvenience — that’ll help employees overcome these common obstacles. By investing in this support system, reviewing network issues, and taking care of them, you’ll ensure that your company’s applications and sensitive data stay protected at all times.

It’s predicted that 70 percent of mobile professionals will be conducting their business on their own smartphones by 2018. Fifty-one percent of those people will be connected to unsecured networks on their smartphones. With so much risk and reward of BYOD, it’s important companies take every measure possible to safeguard themselves.

Are you working at a company that has a BYOD policy? How effective has it been thus far?

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.

1 Comments.


  1. I would include the point about installing any kind of network or IT infrastructure monitoring softwar to ensure the company network of all kinds of malware and any other potential threats. I think it is going to be more effective than any other ways. For example, Anturis, Pingdom or Cacti can be quite effective.

       0 likes