Skip to content

What is Bring Your Own Device (BYOD)?

  1. Home
  2. Cybersecurity
  3. Network Security
  4. What is Bring Your Own Device (BYOD)?

What is Bring Your Own Device (BYOD)?

Computers have taken over the world in many ways. It is difficult to find a job that does not make use of this technology in some way or another. Whether it’s a desktop, a laptop, or a mobile device, every employee needs a way to access a common pool of information. That’s where the BYOD policy comes into play. What is Bring Your Own Device (BYOD)? Let’s find out.

Key Takeaways

  • BYOD Policy (Bring Your Own Device) allows employees to use personal devices, offering cost savings and remote work flexibility.
  • Pros include cost reduction and convenience.
  • Cons involve security risks, enforcement challenges, and device limitations.
  • Popularity varies by region.
  • Tips: Ensure policy signatures, establish exit strategy, maintain a list of blocked sites, and define IT support boundaries.
  • Consider unique organizational needs when deciding on a BYOD policy.

What Is A BYOD Policy?

BYOD stands for “bring your own device,” and is also sometimes called BYOP (bring your own phone), BYOT (bring your own technology), or BYOPC (bring your own personal computer). All of these are just different ways to refer to the same thing. These policies allow a person to use their own devices, as opposed to using devices supplied by a company.

There are two contexts in which this kind of term might be used. Mobile service providers will sometimes require that you use a device that is issued by their company. Thankfully, most of them are not this strict. Most mobile service providers will let their customers use whatever devices they choose.

The other context is a work-related one, and this is where we shall place our focus today. As we said, most businesses make use of computerized devices and company networks. There are several good reasons to let your employees use personal devices, and also a few good arguments against the practice.

The Pros of BYOD

The biggest benefit of a BYOD policy is the ability to save large amounts of money. It’s probably safe to say that this is the main reason to adopt such a policy. When you make your employees use an issued device, that means you have to buy as many devices as you have employees. That can add up to a huge expense, even if you buy relatively cheap mobile devices and keep it minimal.

On top of that, you have the cost and trouble of maintenance. When something goes down, it will be your responsibility to get repairs done. A BYOD policy eliminates both of these problems quite neatly. You won’t have to buy a truckload of new devices, and you won’t have to do nearly as much IT maintenance.

When employees use their home devices, it becomes their responsibility to keep things updated. Obviously, an employer should assist in this department, but the majority of the obligation is removed. This isn’t really unfair to the employee because they would need to keep their device updated anyway.

There is also something to be said for the convenience factor. Your employees won’t have to take the time to learn a new system, which saves time and money on training costs. In theory, this should also cut down on employee mistakes to a certain extent.

Finally, we should mention the fact that BYOD policies make it easier for a person to work from home. For some businesses, this may not be a major factor. However, companies with a lot of home-based workers will probably need a policy of this type.

The Cons of BYOD

As we have outlined in the section above, you can save a lot of money by switching to a BYOD system. However, there is a price to be paid, and that price is paid in security. When all of your employees are using a provided device, you can exercise a lot more control over what they do and how it is done.

If your business is such that you feel the need to micromanage certain aspects of your company operations, you will find it easier to do so without a BYOD policy. When you own the computer or mobile device on which your employees are working, you retain ownership rights. This gives you the right to modify a device in ways that provide better security.

For these reasons, we would advise that you avoid a BYOD policy if your company has a particularly great need for security. Once you allow privately-owned computers to access your network, that permission becomes harder to control. You might be able to control what they do at work, but you have no control over their home lives. Thus, the danger of unauthorized access becomes much larger.

Besides, it isn’t just your employees that might cause a problem. Privately-owned home computers don’t tend to be all that secure, and mobile devices tend to be even less so. If you make them use issues devices, on the other hand, you can do regular security audits and updates to make sure that each device is as well-protected as possible.

If you really need a high-security BYOD setup, we would recommend that you consider the use of a well-encrypted network. For the record, asymmetric public-key encryption (better known as PGP and GPG) is the only type of encryption that is never known to have been broken.

You can also run into trouble with a BYOD policy if your employees do not own a computer or any other mobile device. Alternatively, they might own something that is outdated and difficult (or impossible)to adapt to your system. For instance, there are a lot of people who still use flip phones, especially older people. These devices provide little or no internet access, so they will probably be unsuitable. Thus, you might end up having to issue a few devices anyway.

How Popular Are BYOD Policies?

To answer this question, let’s consult this study on BYOD trends. This study involved nearly 4,000 people in 17 different countries, so it’s pretty extensive.

First of all, we can see that BYOD policies are much more popular in emerging markets than in established ones. The highest rates of BYOD use were found in Malaysia, Singapore, India, and the UAE. For more developed countries like Sweden, the UK, and the USA, the rates of BYOD usage hover around 45-50%. Of the developed countries listed, the highest rates of BYOD usage were found in Spain (65%), Italy (55%), and Germany (50%).

These numbers make a lot of sense when you consider the fact that companies located in developing nations often have a lot less money. At the bare minimum, such companies will often have very little startup capital, so they have to cut costs in any way they can. Getting their employees to self-furnish their tech devices is one of the only ethical ways to do so.

One of the other graphs in this study gives us another interesting insight. We can see that workers in developing countries feel that BYOD policies aid their ability to work from home. We can see that these companies have more people working from home, and thus, more need for a flexible BYOD policy.

Surprisingly, we can see that most companies do not require their employees to sign a BYOD policy. The graphs in our study show that, even in countries where BYOD is the norm, most users have not been made to sign policies. This seems like a reason to be concerned, as it denotes a lack of control and a much more disturbing lack of security. The highest rate of BYOD policy usage is in India, and the rate is only about 40%. Most of the countries on this graph are below the 20% mark.

There is another graph here that is even more concerning. It seems that the majority of corporate IT departments don’t even know anything about this idea! While this seems odd, they might have simply been unfamiliar with the terms used, but we can see that there is a definite lack of awareness in the IT industry. The only exceptions to this trend were Japan(45%) and Italy(43%), With most other nations coming in well below the 20% mark.

Tips For Establishing A Good BYOD Policy

Now, let’s talk about the nuts and bolts of the matter. When you decide to implement a policy of this type, you will have to set some rules. This section will give you a few pointers to help you there.

Make Sure Everyone Signs The Policy

You cannot expect people to follow the rules if you don’t make them clear to everyone. It’s not enough to just tell people what is expected of them, as it will often go in one ear and out the other. A written policy makes things a lot clearer, especially if the employee has signed on the dotted line.

This kind of thing is also desirable from a legal perspective. Unfortunately, there are people who do all sorts of illegal things on the internet and/or on their home devices. If, by chance, one of your employees does something illegal or scandalous, that signature can protect you from liability. On a less serious note, this agreement can cut off a lot of potential excuses. No one can claim they didn’t know the rules after they have signed papers to that effect.

Have An Exit Strategy

When someone leaves your company, you need to make sure they cannot continue to access your network. Obviously, there are all sorts of bad things that can happen if you fail to address this problem. There are many ways to prepare an “exit strategy.”

For instance, you might make it so that employees need access to a certain app in order to access your network. This app can have a set of login credentials just like any other, and these can be revoked upon termination of an employee. You might also use a set of auto-updating security certificates. Any employee who doesn’t have the most recent certificate will be unable to access your network.

Create A List Of Blocked Sites

Create A List Of Blocked Sites

The internet is a big place, and some of it is very ugly. Thus, you want to make sure that your employees cannot engage in questionable online activity while using your network. Obviously, you cannot (and should not attempt to) control the home browsing habits of your employees. That is both impossible and morally wrong. However, you have every right to control your company’s network.

  • Pornography sites
  • ALL onion/deep web sites
  • The install page for the TOR browser (used to access onion/deep web sites)
  • Social Media sites (wastes too much time)
  • Sites with politically controversial content
  • Dating sites (again, a waste of company time)
  • Illegal downloading sites (and their accompanying torrent apps)

Set Reasonable Boundaries For Support

Although a BYOD policy will reduce the need for IT support (because the employee will be responsible), you will need to provide some level of tech support for your workers. If you don’t do this, the slightest problem can cause massive delays. As we all know, lost time equals lost money, and productivity figures will be lowered as well. Thus, it really is worthwhile to help your people out on this.

Most people can use a computer or mobile device, but many people have no idea how to fix them when something goes wrong. You cannot reasonably expect all of your employees to be good at that, so your IT department needs to pick up the slack. Of course, you do need limits on the support that is offered. Where you set those boundaries will be up to you, but you must make sure that these guidelines are simple and easy to understand.

Conclusion

Some companies have found BYOD policies to be incredibly helpful, while some others have found them to be more trouble than they are worth. Many others have found their results to be mixed, and that is why no one can tell you if this policy is right for your business…except you!

As with any business decision, you must weigh the potential gains against the potential losses. With a system like this, you gain a lot of convenience in exchange for slightly less security. If you have found our work to be helpful, we invite you to learn more by filling out the contact form or calling PCH Technologies today at 844-754-7500.