Creating a BYOD Policy

Michele Warg
Posted by

Allowing employees to use personal devices at work is a great way to reduce technology expenses without forcing workers to use outdated equipment. Without a BYOD policy, however, allowing employees to use their own devices does have some risks. Here are several things you must include in your BYOD policy to protect sensitive data and make sure employees know the rules for using personal devices in the office and on the road.

If you plan to give your employees remote access to network files, your BYOD policy should include an antivirus software requirement. Requiring employees to install security software on their tablets, mobile phones and laptops reduces the risk that your company network will be affected by viruses or malware. You may also want to require employees to install mobile device management software on their devices. This type of software makes it easier for an IT department to enforce compliance rules, remotely wipe lost or stolen devices and wipe corporate data when an employee leaves the organization.

Cost is one of the biggest concerns when implementing a bring your own device program, so your BYOD policy should address costs directly. You don't want your data expenses going up because employees are streaming videos and playing games. Consider using mobile device management software to limit app purchases or downloads. Data ownership is also a major concern for employers. If an employee records a great idea on a mobile device used for work, will the company own that idea if the employee terminates his employment? Be sure to address this in your BYOD policy.

Including hourly employees in a BYOD program has the potential to be a major headache when it comes to calculating hours worked. An employee who accesses training materials at home may be "working" even if she is not in the office or scheduled to work. The same goes for an employee who puts in an hour or two on a work-related spreadsheet or database. Unless you want to pay out thousands of extra dollars in overtime, make sure your BYOD policy addresses how hourly employees use their devices when they are supposed to be off the clock.

Because data security is such an important issue, your BYOD policy must outline what employees should do in the event a device is lost or stolen. If possible, have employees call a designated contact in the IT department as soon as a device goes missing. It may be possible to wipe the device remotely so sensitive data doesn't end up in the wrong hands.

Allowing employees to use their own mobile devices makes sense from a cost-cutting perspective, but there are some concerns regarding security, data ownership and federal labor laws. Before you allow anyone to use a personal device for work, be sure to create a BYOD policy that addresses data security, data ownership and working off the clock. This type of policy protects your company's sensitive data and help you stay in compliance with the law.


Photo courtesy of stockimages at


Become a member to take advantage of more features, like commenting and voting.

Jobs to Watch