He also highlighted the importance of employee education to boost their cyber situational awareness and mitigate security risks. This can be done by conducting regular, mandatory trainings about the company's policies. "Our employees are our best line of defence and as incidences have shown, many security attacks actually come from within the company. As such, if we educate our teams to be smarter, more mindful users, we significantly reduce our risk."
How to implement an effective and secured BYOD programme
Here are some tips on how CIOs can implement an effective and secure BYOD programme in their workplaces.
1. Get the opinion of your stakeholders
Before deploying a BYOD programme, it is imperative to understand if the stakeholders - especially employees - are willing to use their personal devices for work.
"While technology exists to help manage only corporate assets on employee's personal devices, there is still a gap in terms of understanding how this monitoring and control works. So a careful evaluation of the total cost of ownership (TCO)/return on investment (ROI) benefits from a BYOD strategy, as well as user education and buy-in are important considerations for IT to execute a successful BYOD strategy," said Sundaram.
In relation to that, Burns advised CIOs to conduct a dipstick survey to understand employee sentiments. "Use this as an opportunity to also gauge employees' attitudes towards data privacy and the impact it might have on your company's security."
2. Discuss the objectives and plans
Having a clear discussion of plans and objectives with the stakeholders is important to the success of a BYOD programme. As such, Miranda advised businesses to think of their desired end-goals for the project. "In today's globalised business landscape, underlying factors include empowerment, productivity, collaboration and creating better efficiencies. As such, we have to look beyond the realm of devices alone. With the greater objective in mind, it is imperative that a broader view be taken by considering many aspects in which we can successfully transform the way we work."
The business teams must then discuss the objectives with their technology partners and ensure that both teams have a similar understanding of what they want to achieve, said Burns.
Ngoh added: "End users expect a seamless experience and functionality from the start, and in most cases, IT has only one chance to get this right. A detailed strategy and design have to be in place before any BYOD policy is introduced."
Some existing policies in the organisation must also be rethought to fully realise the benefits of a BYOD programme. "To stay relevant to globalisation and new ways of collaborating, there is a need to shape our workspace and rethink workplace policies and not just BYOD policies, to better equip and empower employees," said Miranda.
Sign up for CIO Asia eNewsletters.