For an emerging generation of tech-savvy workers and students, accessing workplace systems and data using their own personal devices can often provide a quicker and more flexible experience. This is especially the case when compared to relying on clunky static systems or having to wait for IT to add or enable specific functions.
The trend of BYOD or Bring Your Own Device is certainly on the rise. According to a Markets and Markets report, the BYOD market was worth £44.29 billion. By 2017 it’s estimated to further rise to a staggering £119.55 billion – a jump of almost 200% in just 6 years.
Bring Your Own Device can have a number of beneficial effects, both for individual employees and the company or organisation they work for. Familiar devices can be quicker and easier to use and can boost productivity. It can also save on the cost of corporate mobile devices and support a more flexible and mobile, cloud supported IT strategy.
However, there are also a number of associated risks and issues involved and it’s important to have a comprehensive BYOD policy set in place. The company that controls data is still legally responsible for data protection relating to third parties and there are other potential security issues involved, such as: access to sensitive corporate information and vulnerability to viruses and other digital attacks.
In October 2014 the CESG and the Centre for the Protection of National Infrastructure published guidance for businesses that already have or are considering adopting the Dell Bring Your Own Device approach.
An effective BYOD policy should support protocols, guidelines and technical controls that ensure your data and systems are as secure as a purely ‘in house’ IT structure. This is important for both the IT department and individual employees who might be using their own devices under BYOD.
On the technical front; mobile device management can help you remotely manage personally owned devices whilst also impact usability. Restricted devices might not appeal to a lot of users so a BYOD policy should be drafted in consultation with employees wherever possible. You should also ensure that personal devices can only be used to access data that you are ordinarily willing to share with authorised staff and that only suitable secure devices are used at work.