Many organisations are now adopting bring-your-own-device (BYOD) policies that allow employees to work on their personal laptops, tablets and smartphones instead of on company-issued equipment. The BYOD trend has been driven in part by millennials in white-collar positions who have come to rely on using their own technology for both work and play.
The pros of a BYOD approach include: 1. Increased flexibility – instead of forcing corporate hardware preferences on employees, BYOD allows them to work on phones, laptops and/or tablets they and use regularly. 2. Removes barriers – when employees use their own devices, it allows them to seamlessly transition from personal to work related tasks. 3. Reduces costs – no longer need to purchase and service new mobile devices for staff. 4. Faster communication - and more efficient ‘mobile’ employees through the internal use of personal devices. 5. Decrease the burden on the IT department - and increases IT productivity.
However in determining whether BYOD makes sense, it is also important to consider the potential pitfalls such as: 1. Data Exposure – businesses cannot control the apps employees install on their own devices, or connection to open Wi-Fi when they are out and about. 2. Losing Devices – data is at risk where the device doesn’t require a pin code for use. 3. Security - with multiple employees using multiple devices, it’s difficult to meet both compliance and security standards. 4. Acceptable use control – there is little control over the way employees use personal devices at work. Even with policies in place, monitoring every device is not feasible or cost-effective. 5. Network strain - the addition of multiple personal devices affects network performance, connectivity speeds, and ultimately productivity. 6. Data retrieval – is at risk when employees leave the company, taking all of the data on their devices with them. 7. Expense reimbursement – determining who pays for what.
For any BYOD strategy to be successful, employers must be clear about which devices will be supported and what types of company data can be accessed; the employers right to access, monitor and delete information; how the employees personal information and right to privacy will be protected; which data protection protocols are in place; and how compensation will be managed.