
The Galaxy Tab Active3 Enterprise Edition is rugged, versatile and business-ready
The Tab Active3 lets frontline workers go fearlessly toward projects in intense work environments — while providing reliable security and customization.
Bring Your Own Device (BYOD) policies touch on strongly held beliefs about the boundary between work and home, not to mention security, access to information and personal privacy.
While searching for “BYOD Policy Example” might be a step in developing a good policy, it shouldn’t be the first step. The process of writing a policy requires more than editing a template — it means establishing a lasting consensus on mobile behavior and security.
Here are five key agreements to make before you dive into writing policy.
Regardless of who is driving the BYOD policy process, a team representing different parts of the organization has to come together to translate strategy into policy. Four primary areas should be represented:
The term “BYOD” has different definitions to different people. It’s your company and you can make any definition you want, but you should make it clear what you mean early on.
Get our comprehensive guide and template for developing a BYOD policy tailored to your organization. Download Now
Agree on the answers to these four questions to define the term “BYOD” in the context of your organization:
“Device” in BYOD covers a lot of territory. Will your policy be for mobile devices only, such as smartphones and tablets, or are you including laptops? How about user-owned computers, such as home desktop computers?
Nothing sinks a BYOD policy faster than a lack of balance between user freedom and organizational control. Mobile security policies should be written to acknowledge that most users want a single smartphone, no matter who pays for it. From that point of view, BYOD policies describe a collaboration between the organization and the staff member, working together to ensure that mobile devices don’t represent a security vulnerability.
Trying to assert too much authority will result in users rejecting the policy or subverting its intention. Agree early on how you’ll approach this, and where the organization does and does not have control.
Policies always have exceptions, and BYOD policies often have many. Sometimes it’s a very senior manager who insists that they need a different device than everyone else. Or an advanced research and development group that may need special access to their devices or configuration for testing and development. In any case, there will be exceptions, and it’s good to plan for those exceptions from the beginning. It may sound like you’re already undermining the new policy, but it’s better to have all the rules laid out at the beginning.
Start by identifying who is allowed to make exceptions to the policy — and it shouldn’t be an entire committee. The exception process shouldn’t make it easy to circumvent the policy, but it should allow reasonable exceptions when there are clear business requirements. Exceptions should be clearly documented and be subject to periodic review, or come with an expiration date.
If you can get agreement on these five questions before you start writing the policy, the entire process will be much simpler and painless.
Download our free guide to writing an effective BYOD policy, or learn about accelerating a BYOD system with mobile device management.