The Ultimate Guide to an Effective BYOD Policy - Stratix

The Ultimate Guide to an Effective BYOD Policy


Employees using their personal devices for work has escalated with more than 75% of organizations incorporating BYOD into their culture. Having an effective BYOD policy in place can help you get ahead of problems and can keep your business secure, employees productive, and operations running smoothly.

Enterprise Mobility Choices

Not all enterprise mobility is the same.

Company-Owned, Business-Only Devices (COBO)
COBO is the most restrictive policy—the company owns and controls use of the device— and is prevalent in healthcare and manufacturing where employees share devices. Devices run business-only apps and have a very high level of data security.

Corporate-Owned, Personally Enabled (COPE)
The company maintains ownership and pays for the device, but users can download software (with some restrictions) and customize the interface. Devices are pre-configured to ensure security and compatibility with enterprise systems—effectively, hardening and locking the device in advance.

Choose Your Own Device (CYOD)
CYOD allows employees to choose the device from a company-provided selection. This enables you to ensure compatibility, pre-configure the devices with business application, and enforce a certain level of data security.

Bring Your Own Device (BYOD)
Users are responsible for purchasing their phones and paying for their service, though they could be reimbursed a stipend for using their personal device for work. This is the most flexible option.

Benefits of BYOD

A key factor in deciding to go with BYOD is the belief you can save lots of money, but that’s not the case. We’ll talk about this a bit more later, but let’s take a look at some real BYOD benefits.

  • Enhanced Productivity – According to Frost and Sullivan research, employees using personal devices for work increased their productivity by 34%.
  • Employee Satisfaction – According to a Dell survey, 61% of millennials and 50% of workers 30 years or older believe that technology tools they use in their personal lives are more effective and productive than those they use in their professional lives.
  • Better Equipment – Corporate-owned devices are often many generations old while employees’ personal devices are more advanced, making them not only faster, but also more secure.

What are the Risks of BYOD?

Along with the benefits, come a few risks that you should be aware of before you jump into BYOD.

  • Rogue or no clear control over employee devices without an MDM in place
  • Employees using jailbroken or rooted devices, or devices that are no longer supported by manufacturer updates, creating huge security gaps
  • Corporate data and personal data mixing freely, leading to a possible data leak through sharing sensitive information
  • Weak employee passwords or passcodes on their devices, which can be quickly cracked, leaving your company networks vulnerable

Supporting an Effective BYOD Policy

BYOD shouldn’t be everything to everyone. Think about the use case and what you’re solving for, and let that drive your decision. This begins with creating a bridge between technology and your written policies. Even though technology can do so much, that doesn’t mean every group within your organization should have its own wildly different BYOD policy. You need cohesive policies, otherwise you’re just creating chaos.

A cross-functional BYOD policy encourages buy-in from all leadership teams, ensuring that you’re making informed decisions and that every department is involved. Understanding what every part of your organization is doing with their devices, how they’re using them, and how change impacts them can get everyone on the same page and contributing to the policy agreement.

7 BYOD Best Practices

Once you have organizational alignment, then comes putting BYOD best practices into play.

  1. Right Technology 
    No matter which mobility option you choose for your employees, having a robust mobile device management (MDM) solution in place is key to ensuring all devices, BYOD and corporate, are managed efficiently and securely.
  2. Security Containerization
    Done through your MDM siloes your corporate data, protecting against malicious or accidental data leakage. It also enables your IT admins to remotely wipe or lock BYOD devices if they’re lost or stolen. In addition to the tech, employees should be encouraged to add multi-factor authentication to their devices and use strong passwords.
  3. Buying Power 
    As we noted above, saving money should not be a key in your decision-making when it comes to BYOD. A company all-in smartphone voice and data plan is around $45 because of the number of lines. Consumers can’t get it for that amount. Though this line of service is only costing you $45, it’s saving each employee $100 or more a month.
  4. Device Compliance Standards 
    Make sure there is a base level of protection that’s provided by the device and its capabilities. Even if the device can be enrolled in an MDM, the user experience is not what it should be because everything about the device is too out of date. Set compliance standards that say if a device doesn’t have a certain operating system or patch level it’s not allowed to be enrolled.
  5. Role-Dependent Policies 
    Having an MDM solution makes it possible for you to have different settings for different roles in your organization. Some roles, such as upper-level management, need different security access policies, while others may need standard business apps.
  6. User Education 
    Educating your employees about your BYOD policies and risks can help them stop threats before they have a chance to become breaches. Employees should be properly trained in security risks they may face while using their BYOD devices, as well as the proper measures required to prevent and respond to these security incidents.
  7. Managed Mobility Services Partner 
    As a trusted advisor and managed mobility services (MMS) partner, Stratix will do a deep dive into your business to learn how, who, and where BYOD will benefit you most and what you need to have in place to support an effective BYOD policy. By understanding your use cases, how BYOD can affect your company, and the costs involved, you can device a clear and actionable plan for BYOD success.