Cisco Blogs
Share

How to Properly Implement a Secure BYOD Policy in Your Small Business


October 13, 2014 - 2 Comments

As technology pushes small businesses toward the use of smartphones and other devices in the workplace, securing your company’s privacy is not an easy task. However, if you follow these simple rules, integral information will not land into the wrong hands. Here are some tips on how to make bring your own device, or BYOD, a benefit to the workplace without worrying about security.

1. Establish the Objective

Image_via_flickr_by_Sean_MacAntee

Image via flickr by Sean MacAntee

When deciding on a BYOD policy, you must first identify what you plan to achieve through its implementation. Since there are so many security risks involved, a plan is imperative. If you can’t define the point of it, you might as well abandon it. While security is a risk, plans that are well researched have several advantages including increased employee work rate, improved customer satisfaction, and reduced cost on technological upgrades.

2. Decide What Devices Are Allowed

The next step is deciding what devices to allow. If you only want iPads or Androids, tell your employees specifically. If you are ever in doubt, purchase your own company devices to hand out to employees. While this may seem like an unnecessary expenditure, it will put your mind at ease. It’s also a tax-deductible expense. Check out these area-specific BYOD instructions to connect each of these devices to your company network.

3. Make Security Policies

Since employees are able to access sensitive information on your servers from home or anywhere else, bring forth a policy to curb potential pitfalls. The first thing to do is to decide if you are able to handle this task on your own. If not, you may want to consider hiring an IT firm to overlook the security of your BYOD security. You could also have authentication, as well as passwords. This means that your system will periodically require password updates or even a new password for each log-in, each which goes a long way to preserving important information.

4. Combine BYOD Policy with Acceptable Use

If you don’t already have an “Acceptable Use Policy” for your business, you should strongly consider one. Not only will it curb employee distractions, but it will reduce potential risk for harmful viruses and malware. While employees will undoubtedly slip at some point, set forth rules that will lay out the disciplinary actions for such indiscretion. In addition to this, make sure that you have some sort of monitoring system in place. There’s no need to be nosy, but knowing what your workers do while on your network can save you a headache in the future.

5. Train Your Employees

Training can be the difference between increased productivity and total catastrophe. Engage in communication with your employees about the BYOD policy, and hold training seminars on a frequent basis to show them potential risks of BYOD abuse. This shows employees not only how to use their device effectively, but also that they are being monitored at all times.

6. Develop an Exit Strategy

Undoubtedly, at some point, employees will leave your company. Removing them from access to information on the network, business email, and other apps to which they previously had access can be tricky. Make certain that you figure out a way to avoid security lapse by maintaining an exit checklist. On this list, you can decide how you want to shut down their access. Some of the most common security checks disable company emails, wiping company-issued devices, and changing the passwords to any company accounts used in their position. Once these steps are completed, you can stand assured that your company’s private information is secured.

Once you have considered all of these aspects, it is finally time to decide whether or not implementing a BYOD policy is in the best interest of your business. While there are downsides, the key advantage might lie in keeping up with your competitors. Remaining a forward-thinking business not only attracts new customers, but helps you to retain them in the future.

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.

2 Comments

  1. "Training can be the difference between increased productivity and total catastrophe." This is so true! At Computerbilities, a business IT service provider, we have seen it happen time and again where our client's employees didn't know how to avoid different security risks and they ended up accidentally exposing their company's network to viruses. Making sure that employees know what risks to look out for is a crucial step to keeping any company's data secure. So, thank you for sharing these steps for creating a secure BYOD policy.

  2. Thank you for publishing a really useful article for small businesses. In this competitive business world most of the business uses various technologies and devices. however do no awre from the security issues. There article helps to deliver the ideas to secures the privacy.