How to implement bring your own device in your business

The proliferation of mobile technology has opened up a cost effective way of working for SMEs through bring your own device (BYOD). And, as Steven Perryman argues, if you manage it right from the outset it can boost employee productivity and save your business money   

Believe it or not, not long ago employees had a personal mobile phone and a company-owned device they used for work which was, more often than not, a BlackBerry (remember those? They had mini keyboards and everything).

Nowadays the lines between personal and professional use of mobile devices are blurring more and more. This provides many SMEs with new opportunities in how they manage the IT needs of their employees.

BYOD – a trend that appears here to stay

Last year the buzz term doing the rounds was cloud computing. Right now – as Dean Evans suggested in his technology trends post on AAT Comment last week – it is bring-your-own-device (BYOD), a solution that takes it one step further and sees employees use their personal devices for work purposes.

It doesn’t look like being a fad, either: according to a recent survey conducted by HR software vendor, Software Advice, more than three quarters of employees are already using their personal devices for work related activities, while SMB Group reported last year that 62% of SMEs had already implemented a BYOD policy.

The benefits are obvious: employees benefit because they get to use a mobile device and operating system of their choice – be it Apple, Google or Samsung, iOS or Android – and a set up they prefer. The attraction for SMEs, meanwhile, is the potential reduction in IT hardware, software and service costs.

Implementing BYOD in your business

As great as that all sounds, before you consider implementing BYOD in your business you should make a risk and cost-based decision on who should have access to the network or sensitive company/client information. By understanding your staff and the potential threats, you can address concerns specific to your business.

Establishing a BYOD policy

Before you start, having a clear BYOD policy is crucial. Indeed, the Information Commissioner’s Office (ICO) warned companies earlier this year that they must have a proper BYOD policy in order to protect against the risks. As such, staff should receive guidelines and information on data that the network can and cannot – or will and won’t – access.

You should consider if you intend to remotely control the device at any point to give IT support. You may not do this yourself, of course, but your IT company may be able to connect to mobile devices and ‘take control’ to install or update software and provide technical support. If this is the case, you need to tell your staff this is an element of the BYOD policy.

You may already have agreed that you will monitor email communication, but if your device is owned or part owned by an employee, they may be wary of you monitoring their email.

It’s worth remembering that employees often have a greater expectation regarding privacy on both mobile and personally-owned technology – even if they’re using it for business purposes.

BYOD and security

It may sound obvious, but security will almost certainly be your main concern. It’s worth remembering that the two main players in business email solutions are Google (Google Apps) and Microsoft (Microsoft Exchange).

Both can now implement the three main security benefits you should look for on all newer mobile devices (such as the Blackberry 10, Android, Windows Phone and iPhone):

1. Secure email, contacts and calendar synchronisation
2. Remote wiping for lost or stolen devices
3. Forcing passcodes on the lock-screen so that data can’t be accessed easily by unauthorised people.

In addition to these basics, BlackBerry and Samsung have actually released consumer phones where you have two separate environments – one locked down, encrypted, secure environment for work and one which is open and free for the employees’ personal use of the device.

What happens when an employee leaves?

To avoid any unnecessary issues, ensure that your BYOD policy includes guidelines on which business data and apps you will remove if an employee leaves. For example, you may have paid for a licence for Office365 for their device, but when they leave that licence will be revoked and they will need to get one of their own.

And if they may have personal data stored on their Office365 SkyDrive, then be explicit that they will no longer have access to that and it will be removed.

What happens when an employees device breaks?

Another danger is that often with BYOD an employees productivity is dependent on the personally provided device. This is fine until the device breaks, is stolen or is dropped down the pub on a Friday night.

This leaves you in the tricky situation of potentially insisting that an employee finds the spare hundreds or thousands of pounds to replace the device so they can continue to work. To avoid this, you should consider keeping a bank of spare devices, or be prepared to buy a replacement just to keep them working.

BYOD clearly has its advantages – and its disadvantages too. But by establishing some guidelines and protocols from the outset, it is clear that it can save your company money whilst motivating your employees at the same time.

If you would like more information on implementing BYOD in your business, the ICO has produced a helpful free guide that can be viewed and downloaded online.

Steven Perryman is AAT Comment's former Content Editor.