A Strong BYOD Policy Protects Your Business and Your Employees
Many businesses adopt a “bring your own device” (BYOD) approach to the smartphones, tablets, and laptops. And many employees rely on them to do their jobs. BYOD can boost employee efficiency and satisfaction, often while reducing a company’s IT costs. But the approach isn’t without risk for both you and your staff members. So, it’s highly advisable to create a strong formal policy that combines convenience with security.
The concerns
As an employer, your primary concern with BYOD is no doubt the inevitable security risks that arise when your networks are accessible to personal devices that could be stolen, lost or hacked. Another concern is the various legal compliance issues, such as electronic document retention for litigation purposes or liability for overtime pay when nonexempt employees use their devices to work outside of normal hours.
For employees, the main worry comes down to privacy. Will you, their employer, have access to personal information, photos, and other non-work-related data on the device? Could an employee lose all of that if you’re forced to “wipe” the device because it’s been lost or stolen, or when the employee leaves your company?
Important obligations
A BYOD policy must address these issues and more. Of course, a company’s individual circumstances must be considered with setting the policy, but generally most employers should, at minimum, require employees to sign an acknowledgment of their obligations to:
- Use strong passwords and automatic lock-outs after periods of inactivity,
- Immediately report lost or stolen devices,
- Install mandated antivirus software and other protective measures,
- Regularly back up their devices,
- Keep apps and operating systems up to date, and
- Encrypt their devices.
The policy also should prohibit the use of public Wi-Fi networks or require employees to log in through a secure virtual private network when connecting via public wi-fi. Employers may also want to forbid certain apps, too.
In addition, employers need to clearly spell out their rights to access, monitor, and delete data on employees’ devices. Including the types of data you can access and under which conditions. In particular, explain your wiping procedures and the steps employees can take to protect their personal information from permanent erasure.
Protect your employees and your business
Nearly everyone who works for your company is likely to have a smartphone today. As such devices integrate themselves ever more deeply into our daily lives, it’s only natural that they’ll affect our jobs. Establishing a BYOD policy now can help prevent costly mistakes and potential litigation down the road. At Ciuni & Panichi, we’ve been helping businesses be successful for 45 years. In addition to providing financial services, we’re known for our advisory services. We help our clients consider all aspects of their business. To learn more about how our team can help your business contact George Pickard, CPA, MSA, Audit and Accounting Services Department Principal, at 216-831-7171 or by email here.
You may also be interested in:
Audit Opinions: How Your Financial Statements Measure Up
IRS to Clarify the Business Meal Deduction
© 2018