The BYOD trend has been called a lot of things: Inevitable, unstoppable, a security nightmare, a great business enabler, an effective staff retention perk, the archenemy of traditional IT. And as with most technological shifts and disruptions, there's probably some truth in each of these characterizations. But although circumstances and opinions vary, one thing seems clear: Organizations need to exert some control over how employees use their personal devices in the workplace.
A policy is a good starting point for gaining this control because it provides the framework for formalizing guidelines -- such as what types of devices are permitted, what steps need to be taken to authorize their use, what IT should do if a device is lost or an employee leaves, and how data access will be managed. It's also an essential tool in the never-ending challenge of raising employee awareness. Compliance improves when users understand the risks that drive the need for certain rules and practices, and a good policy helps clarify those risks.
Get a head start
If you're trying to put together such a policy for your organization, TechRepublic Pro's BYOD Policy can help. It defines the policy objective, explains why the policy is needed, and identifies those users who must adhere to its guidelines. A section on equipment allows you to specify what devices are covered. A detailed list steps through the authorization process and includes a form that users can submit to obtain device approval. And there's an acknowledgement form for users to sign, so you can document that they have agreed to comply with the policy.