How To Implement and Manage a BYOD Policy (and Keep IT Happy)

phone

Implementing a “bring your own device” (BYOD) policy for your organization can be extremely beneficial, but if not done correctly can also cause several problems. One of the main reasons that companies implement BYOD is to lower their costs associated with purchasing a large number of computers or tablets.

Many security issues can arise, as well as an increase in time spent by the IT department on setting up and monitoring all of the employee’s devices. Though BYOD may lower costs of technology, if not implemented correctly it can actually result in higher costs in areas such as the time and support from the IT department.

It’s important to correctly set up and manage your BYOD implementation right from the beginning.

Here are several ways your organization can get the most out of a BYOD policy while easily managing the risks:

Set Up a BYOD Policy From the Beginning:

Set Up Guidelines and Rules

By drawing up a set of rules right from the beginning, your employees will know exactly what’s expected from them, leaving little room for confusion. These rules will also allow the organization to define any repercussions if employees misuse or take advantage of the use of the BYOD policy.

Set Guidelines for the Types of Devices Allowed

One of the top issues with BYOD policies is that there are many different types, brands, operating systems, and more for devices.

When employees register their device with the company, they then expect the IT department to support it and resolve any issues with the device, which can be a headache for any IT department.

An organization needs to set, right from the beginning, which types and brands of devices they are going to support.

Implement a Mobile IAM Solution in Conjunction with BYOD

Easily Set Up and Manage Devices

In addition to all employee accounts, admins will now also have to set up and register all employee devices. In the beginning especially, there is a large influx of new devices that need to be added, which is extremely time consuming if it is done manually.

Mobile IAM solutions allow admins to easily add new devices by simply adding them in Active Directory. If desired, they can also allow users to register their devices themselves. End users simply fill out a web form that is set up for a work flow request, which will then be automatically be sent to the appropriate manager or department for approval.

Once the company decides which devices they are going to support, this can be set up in their mobile IAM solution. When a user then tries to register a device, only those that the company supports will be able to be registered.

Securing the Company’s Infrastructure

Since employees will keep their device once they leave the organization (because they own it!), there is the potential for them to have continued access company data.

Companies need to ensure that when an employee leaves they no longer have access to the company’s network and data. Though the solution seems simple–disable the user from the system and applications they have access to–this often, more times than not, goes unnoticed and the user remains active.

This is because IT needs to be notified of the employees leave and then manually disable them from all systems and applications individually. If an IAM solution is implemented, once an employee leaves the organization a manager can automatically disable the user’s access and deactivate their access to the network, ensuring the security of the company’s data.

By following these guideline organizations can hopefully gain the most out of BYOD while mitigating the risks that can potentially occur.

Image: iStockphoto

About The Author

Dean Wiech is managing director at Tools4ever. Tools4ever supplies a variety of software products and integrated consultancy services involving identity management, such as user provisioning, role-based access control, password management, single sign-on and access management, serving more than five million user accounts worldwide.