If you're considering implementing a BYOD (bring your own device) policy in your workplace, there are a few things you should consider before diving in and giving employees' personal devices access to sensitive information. Do you have the right security in place? Are there any restrictions on device usage during work hours? Are you and your employees using the right apps?


We've got a few tips that could keep your safe and on the right track when setting up a BYOD environment in your workplace.

It's not as cost-effective as you think

Some employers may think that by creating a BYOD strategy, they'll save thousands on computers and other network devices that would otherwise be owned by the company.

This isn't really the case, since security measures and support for employee-owned devices will likely just replace those costs. Implementing a BYOD policy is about employee efficiency and mobility, and should not be considered a cost-saving measure, since the savings may be minimal or nonexistent. Let's just get that out of the way off the bat.

Create a framework

Before even mentioning BYOD to your employees, you need to set up a BYOD framework. The framework address issues like: who gets to use their devices while on the job and for what purposes; which types of devices may be used; and, how support for these devices will be carried out.

Your framework should also include your roll-out strategy. It should be careful and calculated, so as not to become vulnerable to security risks.

Prior to development, it's a good idea to perform a cost-benefit analysis, to make sure it's worth it to set up support for all the devices that will be added to your network.

You framework should include the input of your IT and HR staff, legal and financial advisors, and anyone else who should be involved in the decision-making process.


Get some policies going

The BYOD framework is a top-down view of how BYOD will be implemented. Your policies fill in the details. These will explicitly define what your employees may and may not do when using their personal devices for work.

This is where you can talk about any specific apps that have to be on employee devices and any apps that cannot be on employee devices, for security reasons.

This is also where you'll outline how IT will support employee devices. If devices are malfunctioning, will it be up to IT to fix them or, in the case of smartphones, the wireless carrier in question? These are questions that are to be addressed and their answers outlined.

Cover your endpoints

An endpoint security management system is pretty much a necessity at this point, if you're considering a BYOD environment. Endpoint protection is like anti-virus on steroids. It involves an integrated system of anti-malware, data input/output management, user management, and more.

This is where you can add log-in restrictions, block unsafe websites, monitor network traffic, and much more. Endpoint security is imperative if you want to protect your data and make your network safe for both you and your employees.

You may want an endpoint security system that involves MDM or Mobile Device Management software. This will allow you to control employee devices if they become lost or stolen. Any device employing the MDM software can be remotely accessed and erased.

An endpoint security management system should be factored into your cost-benefit analysis.

Choose safe apps

If you're requiring your employees to use specific apps on their own devices, then make sure the apps you're using are safe and do not contain harmful code. This could be damaging to both your network and your employees' devices, which could entail costly replacements for them and potential data loss or worse for you.


A good endpoint security management system can assume app control and prevent harmful apps from executing on your and employee devices.

Educate your employees

A lot of people know the risks of computer viruses and spyware, but believe that smartphones are all but invincible. This is absolutely not the case and employees should know the possible security risks associated with bringing their own devices to work.

They should be walked through your framework and policies and educated in the use of any MDM software you implement. They should also be made aware of any NAC (Network Access Control) tools are in place, like website blockers.

Test it!

Before rolling out a company-wide BYOD policy, test it in very small doses. Have your IT department monitor usage and strains on the network and have HR monitor its effect on employee relations, efficiency, and satisfaction.


Is your workplace a BYOD environment? What is your experience?

Sound off in the comments below!