Pros and Cons of a BYOD Work Environment

Once upon a time, employers had absolute control over technology. They provided employees with the equipment needed to do their jobs, including cell phones and personal computers. They also replaced and supported all of this electronic equipment. Employees could only access their organizations’ networks when they were on site using desktop computers. If they left their companies, employees were generally required to return all company-owned equipment.

A Brave New Mobile World

Today, we live in an on-demand, mobile world — and it’s changed the way we do business. In many cases, employers have less control over technology equipment and the confidential data it stores. There’s another aspect to this loss of control: Our personal and business lives are less separate.

As of January 2014, 55 percent of Americans owned a smart phone and 42 percent own a tablet computer, according to the Pew Research Internet Project. The percentages are even higher among people with higher levels of income and education.

Many employers are tapping into this technology to enable employees to work remotely 24/7. This brings greater access, flexibility, convenience, functionality and productivity. The key to reaping maximum benefits is allowing employees to choose their preferred devices with a well thought-out bring-your-own-device (BYOD) initiative.

The top manufacturers — including Apple, Amazon, Android and Blackberry — each have a loyal following. So loyal that more than 40 percent of users sleep with their smart phones next to their beds! Studies show that if employees can select their preferred devices, it improves job satisfaction and can even be used as a selling point when recruiting new employees.

In addition, because many employees already own these devices and tend to update them often, employers may be able to eliminate the cost of purchasing and updating cell phones and other mobile devices. Some employees might even be willing to use their own personal computers and printers — in exchange for the ability to work remotely — which can provide even greater cost savings.

When calculating cost savings from a BYOD initiative, offset them with the added costs of supporting multiple operating systems and devices. Ask your IT department to provide a list of devices that it can easily support and that have acceptable levels of security. The more devices IT supports, the more time-consuming and costly your BYOD program will become.

Who’s On Board?

Despite the upsides of BYOD work environments, approximately 30 percent of employers explicitly forbid employees from accessing the network using personal devices, according to a 2013 survey by software provider Acronis and the Ponemon Institute (an IT research firm).

That leaves 70 percent of employers accepting some form of bring-your-own-device program, either explicitly with a formal policy or by default. A 2012 Microsoft survey found that 67 percent of workers use their personal devices at work whether the company has a policy or not. So it looks like BYOD is here to stay — for better and for worse.

What’s Your Company’s BYOD Policy?

If you’re unsure what your company’s BYOD policy is, you’re not alone. The 2013 Acronis study found that 60 percent of employers have no formal policy in place. By failing to address this issue head-on, employers may be exposing themselves to a Pandora’s Box of security and liability risks.

For example, what happens if an employee:

Leaves the company voluntarily or involuntarily?
Loses or recycles his or her personal device?
Shares the device with friends or relatives?
Uses unprotected public wireless networks for work-related activities?
Syncs his or her mobile device with an undisclosed personal computer or local cloud network?
Travels overseas where the device is subject to loss, theft or search and seizure at border control?
Gets into an accident while driving and accessing the mobile device for work purposes?
Downloads an app or scans a QR code that contains malware?
Suffers a repetitive-stress injury (such as “smart phone thumbs”) from using a personally-owned device for work purposes?

A comprehensive BYOD policy takes relevant scenarios into account and attempts to mitigate the company’s exposure to risks.

Risk level varies depending on the nature of your business. For example, healthcare companies need to impose a fairly restrictive BYOD policy to limit the risks of violating the Health Insurance Portability and Accountability Act and hackers accessing protected personal data. Financial service companies and banks also handle confidential information that necessitate a more restrictive policy.

Key Elements of a Comprehensive BYOD Policy

A formal written policy outlines general rules about device use, including the rights of both employer and employees. The key is to balance protecting company interests with respecting workers’ privacy rights and allowing for continued personal use of the device.

Here’s some food for thought when drawing up a written bring-your-own-device policy:

Payment. One big issue with BYOD is: Who pays the bill? Company policies vary widely. For example, an employer might pay for a predetermined number of voice minutes and an unlimited data plan for employees. Any charges above that amount are the employee’s responsibility.