Should Your Company Allow a BYOD Work Environment?
WHAT IS BYOD?
BYOD stands for “bring your own device,” and refers to the incorporation of a personal mobile electronic device into a work environment. In this case, a “device” refers primarily to a smartphone, tablet computer, or laptop. The BYOD concept is also referred to as BYOP (bring your own phone), BYOPC (bring your own PC), and BYOT (bring your own technology).
WHAT ARE THE BENEFITS OF A BYOD WORK ENVIRONMENT?
There are plenty of positive aspects of a BYOD workplace. By giving employees the freedom to use their own mobile devices and operating systems with which they are more familiar, the nature of the workplace becomes markedly more flexible. A BYOD workplace can…
- Eliminate the cost of buying new devices, software, and/or data plans
- Encourage working and problem-solving remotely
- Allow for flexible schedules
- Improve productivity thanks to greater device proficiency
WHAT ARE THE CONS OF A BYOD WORK ENVIRONMENT?
Workplaces that allow a BYOD environment may encounter a number of problems. In particular, healthcare organizations that are using personal devices to view, transfer, or store personal health information (PHI); as well as those in the financial services industry that handle sensitive personal information, may have cause for concern if allowing BYOD. Problems may include:
- A lack of security measures installed on devices
- Failure by employees to adhere to proper device security protocol
- Disparities in device types leading to productivity limitations
- HIPAA breach dangers (for healthcare verticals)
- PCI compliance concerns (for financial services institutions)
HOW CAN WORKPLACES ENCOURAGE BYOD SECURITY?
The most prominent concern regarding a BYOD environment is security; it is critical that workplaces with personal mobile devices implement a clear BYOD policy. This policy should outline the precautions and security measures expected of employees with personal devices, as well as the kinds of support the workplace will provide employees. These measures should include…
- Password and PIN protection for all devices
- Access to SFTP (Secure File Transfer Protocol) for sensitive file sharing
- Use of high-security and compliance-oriented clouds
- Limited visitor access to networks
- Remote wiping and/or disabling device capabilities