With the BYOD trend, many organisations are allowing their employees to use personal technology, which can benefit companies because employees are more likely to work on their own time. BYOD has become very popular, very fast due to the benefits of increased productivity and cost effectiveness.
If you currently own or run a business in Sydney , BYOD might sound like a great idea. However, there are many risks associated with BYOD when an employee is fired or decides to leave the company. When this happens, it’s important to inspect employees’ laptop or smartphone to ensure it doesn’t contain company information, but this may not be possible. While many businesses are deploying the BYOD trend, how can we effectively balance the risks and the benefits?
We know that some data will remain with employees once they’ve left the company, such as phone numbers and email addresses of business content, or content regarding the organisations critical business practices. However, there are a few ways you can minimize the risk and feel secure with the BYOD trend.
BYOD Layoffs: Minimizing the Risks and Planning Ahead
It’s simple to copy and move information quickly with digital files, yet there’s no definitive way to access a departing employees’ personal device and erase important business files or information. However, communications data can be sorted into three categories: mobile data, emails and files containing company information.
Once you’ve sorted out the data, you can establish the level of risk associated with letting go of a specific employee based on the type of data contained on their devices. Remember, communications and business critical data is important, so it’s time to start compartmentalizing risks and find a balance between the benefits and risks of a BYOD workforce.
In order to minimize risks, you must begin to plan for employee departures. There are many policies and practices that organisations should consider implementing prior to employee departures.
Develop a Written BYOD Policy
Sometimes, developing a written BYOD policy takes a lot longer than companies anticipate. Start by thinking of all sorts of “what-if” scenarios, and integrate them into your BYOD policy. Continue to expand your BYOD policy to include potential real-life scenarios, until you feel certain that your policy is complete and covers all possible situations.
When developing a written BYOD policy, make sure to cover the following aspects:
- User and corporate IT responsibilities
- Benefits VS. disadvantages of BYOD
- Acceptable personal use policies
- Reimbursement policies regarding the cost of devices, software and roaming fees
- Network access requirements
- Types and brands of devices that are supported and allowed to access the network
- The company’s right to monitor the appropriate use of the devices VS. the user’s right to privacy
- Device reset and data deletion policies
- Policy enforcement and the consequences of violating the policies (including termination)
- Lost or stolen device policies
- Security controls and secure configurations
- Application restrictions
- And, perhaps most important, acceptable use and treatment of corporate data
In addition to these points, many companies choose to implement confidentiality and non-disclosure agreements to make sure departing employees aren’t leaving with company data or property. Your organisations IT department should also set access or restrictions to data that’s locally hosted via your company’s shared file servers. It’s important to monitor employee IT activity as well.
Perform Regular Security Check-ups and Updates
Often, employees aren’t as diligent about security measures as you’d like to believe they are. Make sure your IT department steps in regularly, performing security check-ups and updates on any devices that are accessing the companies’ network. Thanks to your BYOD policy, users will already be aware that their devices will be scanned and updated regularly.
Keep Business Critical Data away From Local Devices
Ensure that business critical data cannot be downloaded and saved to local devices with applications and services. By restricting user access to central repositories and networks, you’re able to greatly minimize the risks of the BYOD trend.
All important data should be synced to a central account with access controlled by an administrator. Furthermore, look for ways to place intermediary technologies between the company network and personally owned devices, which will add extra protection and security to the company’s network while reducing the workload for the IT department.
In addition, tools that allow an administrator to remotely wipe an account are fantastic for BYOD security. Applications which reduce the amount of data that’s downloaded onto a mobile device are great as well. This will ensure your data remains protected as long as an administrator shuts off the individual user account for departed employees.
Hire Employees with Caution
This step is completely out of the IT departments’ control, but it’s the most important step to avoid problems with departing employees. If you don’t find someone trustworthy, don’t hire them. By following these steps, you’re able to protect your business and minimize the risks associated with BYOD.