This pressure might leave you wondering the keys to developing a BYOD policy and how best to implement it. These seven core ideas should be a part of any good Bring Your Own Device program. Each idea comes with many important questions to ask yourself, your IT associates and your executive team while developing a BYOD policy.
1. Specify What Devices Are Permitted.
It was simple and clear in the old days of BlackBerry services-you used your BlackBerry for work, and that was it. Now there are many device choices, from iOS-based phones and tablets and Android handhelds to Research in Motion's Playbook and many others.
It's important to decide exactly what you mean when you say "bring your own device." Should you really be saying, bring your own iPhone but not your own Android phone? Bring your own iPad but no other phones or tablets? Make it clear to employees who are interested in BYOD which devices you will support%mdash;in addition to whatever corporate-issued devices you continue to deploy-and which you won't.
2. Establish a Stringent Security Policy for all Devices.
Users tend to resist having passwords or lock screens on their personal devices. They see them as a hurdle to convenient access to the content and functions of their device. However, this is not a valid complaint-there is simply too much sensitive information to which phones connected to your corporate systems have access to allow unfettered swipe-and-go operation of these phones.
If your users want to use their devices with your systems, then they'll have to accept a complex password attached to their devices at all times. You need a strong, lengthy alphanumeric password, too, not a simple 4-digit numerical PIN. Check with your messaging administrators to see what device security policies you can reliably enforce with your software.
3. Define a Clear Service Policy for Devices Under BYOD Criteria.
It's important for employees to understand the boundaries when questions or problems creep up with personal devices. To set these boundaries, you'll have to answer the following questions.
- What level of support will be available for initial connections to your network from personally-owned devices?
- What kind of support will IT representatives provide for broken devices?
- What about support for applications installed on personal devices?
- Will you limit HelpDesk to ticketing problems with email, calendaring and other personal information management-type applications?
- What if a problem with a specific personal application is preventing access to the apps you have delineated previously that you will support?
- Is your support basically a "wipe and reconfigure" operation?
- Will you provide loaner devices for employees while their phone or tablet is being serviced?
4. Make It Clear Who Owns What Apps and Data
Sign up for CIO Asia eNewsletters.