5 STEPS TO CREATE YOUROWN BYOD POLICY

Your employees are begging for it and your IT team is panicking. Your staff may have already

started trying to sync their personal devices to your network. Whatever the case, establishing a bring-your-own-device policy for the workplace is essential to remaining current, creating true collaboration, keeping company data safe, and overcoming the chained-to-the-desk workplace mentality.

productive work-life balance.

Starting from scratch and trying to ensure that you’ve covered all your bases can be both a complicated and a lengthy process. So, to help give you and your team a head start, we’ve compiled a handy checklist with a thorough 5-step process that you can refer to throughout your journey to establishing your BYOD policy.

Recent studies from Tech Pro Research have found that 74% of organizations are already using, or are planning to establish, a BYOD program.

This trend is only increasing. IT World Canada states that 82% of highly engaged employees work remotely whenever possible; giving them the freedom to continue to be engaged, but also establishing a healthy and

5 STEPS TO CREATE YOUROWN BYOD POLICY

Before you decide on anything, you need to include representatives from all of your major departments. Be sure to also include end-users and not just

department heads, so that you can hear input from everyone regarding what they want, what they need, and what won’t work.

Strategically including team members from multiple departments and with different technical backgrounds at this stage will promote an atmosphere that’ll encourage a more universal employee buy-in to the program..

lHold discussion sessions:

The first discussion session will be to outline not only how creating a BYOD policy will help reach specific business goals and objectives, but also to clearly establish the roles of your team representatives throughout the planning and implementation process. They will have to:

❏ 2Lead departmental discussion sessions.

2Speak for their entire department in order to represent the information collected.

❏ 2Conduct departmental reviews:

aThis includes listing all processes, software, hardware, and systems they need in order to conduct their daily work.

❏ aIf you’re open to considering multiple devices or platforms, take this chance to survey your employees on their devices of choice. Apple, Windows, or Android? Laptop or Tablet?

❏ aFind out if your employees are already using personal devices — asking openly (and potentially anonymously) is your best bet to get accurate information. Guessing isn’t your best course of action here.

Did you know? Apple’s iPhone currently holds 73% of the enterprise mobile device market share. Android holds 25%, while Windows and other brand names account for only 2%.

Assemble a team

1

Develop adraft

a❏The second discussion will be to collect all presented information into a collective company-wide map of software, apps and systems used throughout your employees’ daily work. Multiple sessions may be necessary as you discuss your policy, but ideally it should take two sessions to nail down what’s required and outline an acceptable policy.❏ aRely on your in-house IT team to address any usage issues raised by departments, and the feasibility of making certain applications accessible from a personal device.

❏ aAt this point, it would be valuable to select a Mobile Device Management (MDM) software, if you haven’t already. Through this system, you’ll easily be able to:❏ aEstablish profiles. aConfigure devices.❏ aPerform remote operations such as wiping the device, locking the device, or accessing software or hardware components.❏ aEnforce password policies.❏ aRestrict information access (rights management).❏ aDeploy management settings.

Our MDM Software suggestions include:❏ aMicrosoft EMS (Azure AD Premium, Microsoft Intune and Azure Rights Management) ❏ aSymantec. aTrend Micro.❏ aKaspersky.❏ aLANDesk.❏ aIBM Endpoint Manager for Mobile Devices “Tivoli”.

Continually managing devices and users connected to the network is a never-ending role for your IT team, but if personally managing your own BYOD policy sounds like too much to handle, our team at Acrodex can manage your MDM software for you.

❏aResearch all the legal and IT considerations. Create sections that clearly outline:❏ aAll of the devices that will be supported by the policy.❏ aThis is to include their operating system version and update number, as well as payment policy on these devices. ❏ aIs the employee being reimbursed for the entire

device, or just a portion? This section should clearly define how any reimbursement program might work.❏ aHow will the employee set up these devices for business use?

❏ aAcceptable Use related to personal devices that includes definitions on personal use and company time while establishing policies surrounding usage that is deemed appropriate or inappropriate, complete with examples. ❏ aThis section should also include a list of restricted and accepted applications which ensures clear instructions surrounding popular apps such as Facebook, games, productivity apps, etc. (Note: most MDM solutions have the ability to customize access rights to both personal and company apps with the ability to ‘Selectively Whip’ ONLY company apps if the need arises. The personal apps are retained, untouched, on the device in this scenario)

❏ aUser profiles❏ aInclude an outline of exactly which company owned resources will be available to employees of different access levels — and explain why certain key functions have been locked.❏ aAn explanation to employees on how your MDM software works with profiles and establishing limitation could also be useful here.

❏ aRules on device and network passwords:❏ aClearly communicating when a device lock is required, as well as potential secure sign-on credentials and password resets that may include multi-factor authentication.

❏ aOutlining the device wipe policy to clearly define:❏ aWhen/if a device will be wiped.❏ aWhich data is wiped.❏ aHow IT will assist in showing employees how to properly backup their data.

❏ aYour management and IT department need to clearly lay-out employee responsibilities so that each user understands what they are agreeing to by using their personal device for company purposes. This section should include:❏ aPlan payments aData restrictions❏ aAgreement to follow the above rules as laid out in the policy.

2

Present to decision-makers❏

aBe sure that you’ve covered all your bases, including objectives, approved devices, application/information access, security, directory access/connection, and if you’ll have a virtual desktop established.

aPut this together in one comprehensive document that can easily be referred to by both decision makers and employees who will be involved in the program.

aInclude ROI projections that may persuade the lingering BYOD nay-sayers to give it a chance.

Thoroughly test it❏

aConsider deploying the first round as a pilot program so that you can get a feel for employees reactions to the new program.

aInclude executives, mid-level, andentry-level employees from each department to get an overview of uses, dislikes, and any problems that they encounter that may be specific to their job function.

aBe sure to choose people you know will give you honest and candid feedback so that it’s not a wasted trial.

3

4

aClear communication is integral to entice employee buy-in to the program. Rolling out anything new, especially something with the immediate implications to each individual in your company, requires training. Clearly establish the program’s objectives, limitations, and devices accepted is crucial.

aFollow-up once it’s implemented to ensure that your initial goals and objectives are being met, as well as to follow up with employees and ensure that it’s useful.❏aApplications and software are constantly providing updates in order to offer better quality services and interactivity, therefore, you have to ensure that your IT department are testing and installing these updates frequently.

aContinuously search out potential threats and policies to prevent data loss. The security of your network is only as secure as the applications that your employees are accessing. Keeping an eye on potential backdoors ensures that you’re ahead of the hackers by preventing potentially crippling malware infections.

Deploy the

policy

5

Bonus: Ensure that your security policy meets your regulation requirements

While most BYOD programs are created to give your employees more freedom, certain industries require

strict control over access and sharing company data.

Even the most regulated industries are now able to enjoy a BYOD environment through strict regulation of profiles, adherence to antivirus updates, and strong policies regarding applications. Constant security monitoring and updating is required if you don’t want your industry secrets walking out the door. Things that you can constantly do include:

aHigh-quality antivirus programs, running the most up to-date signatures, with real time updates and firewall protection.aEncrypted hard drives and devices with password protection.aManual checks for potentially missed viruses.aConsider establishing a virtual desktop that itself exist on your physical servers, but still acts as a virtual desktop that can be accessed only through tight sets of security (locally).

We can help!At Acrodex, our team of consultants are

focused on preparing your business for complete BYOD integration. From policy creation, MDM software and device procurement and deployment, to complete management, we can help.

In order to ensure that your company is enjoying the freedom of the cloud, while still keeping data secure, we can offer project readiness assessments and complete consultations to ensure that your cloud and BYOD policy is as tight as you need it to be. From identity management, BYOD best practices, to being a value-added reseller of top manufacturers, our consultants are dedicated to ensuring that your transition is a smooth one.

NOT SURE IF YOU’RE READY TO MAKE THE LEAP? LEARN MORE ABOUT OUR CLOUD READINESS ASSESSMENT .

If you’re contacting us for the first time, feel free to use the TOLL FREE number below:

(855) 465-2911

© 2016, Acrodex Inc. All rights reserved. This document is for informational purposes only.ACRODEX MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.The names of actual companies and products mentioned herein may be the trademarks of their respective owners.

Prairies (Saskatchewan and Manitoba)62 Albert Street, 3rd FloorWinnipeg Manitoba R3B 1E9T: 204.943.8464 | F: 204.943.2622 | www.acrodex.com

VancouverSuite 500, 666 Burrard StreetVancouver, BC V6C 3P6T: 1.800.456.2667 | www.acrodex.com

Edmonton (Headquarters)11420 - 170 StreetEdmonton, AB, Canada T5S 1L7T: 780.426.4444 | F: 780.426.2233 | www.acrodex.com

Calgary#3, 10524 – 42 Street SECalgary, Alberta T2C 5C7T: 403.265.2667 | F: 403.265.0652 | www.acrodex.com

Toronto1300 Rodick Road, Unit CMarkham, Ontario L3R 8C3T: 905.752.2180 | F: 905.752.2190 | www.acrodex.com