Why Your Community Management Company Needs a BYOD Policy

Posted by Andrea Drennen, CMCA on February 7, 2013

Is your management company letting employees bring their personal devices to work? 

BEFORE you start implementing mobile devices in your management operation, you should adopt a BYOD policy.

By now, forward-thinking management companies utilize mobile devices such as tablets and smart phones in their management operation. They have already discovered the virtues that such devices can provide, from improved communications to reduced inspection times. However, there is one important step that they might not have kept in mind, a step that comes BEFORE you start implementing mobile devices in your management operation, and that is adopting a BYOD policy.

What is BYOD?

BYOD stands for Bring Your Own Device (to work), and even if you are purchasing devices for your community managers to use, you may be surprised to find that a shockingly large percentage of them are already using their personal devices for business. (if you've ever checked your work email accounts on your personal device, you are as well!) A survey conducted by Harris Interactive in February 2012 revealed that 81% of employed adults use at least one personally owned electronic device for business related tasks.

It's a little late to shut the barn door, since your staff are most likely already using their personal devices to perform business functions. However, it's not too late to establish a policy to protect your business and your employees.

The Benefits of BYOD

58% of small to medium business owners attest to increased productivityAllowing community managers to use personal devices for work purposes has a number of proven benefits:

  • Increased Productivity - In addition to time-savings built-in to the apps themselves, using a personal device gives community managers the freedom to perform work tasks from home or on the go - increasing the amount of time they are able to spend on mundane tasks and freeing them up during their time in the office to take care of more important things. In a poll by entepreneurcountry.com, 58% of small to medium sized business owners reported increased output and better workplace efficiency after implementing BYOD. Cisco Systems reported a productivity gain of 30 minutes per day per employee after adopting BYOD. 
  • Cost Savings - Under BYOD, The employee is responsible for purchasing their own device, purchasing apps, paying for a data plan and upgrading to new technology as they feel the need. This does not mean that your business has no responsibility for the costs (and support!) of devices approved for work, but you should be able to appreciate some savings.  
  • Convenience - Your staff are already carrying around their personal devices. If you are also providing a company owned device, your manager needs two pockets (or more) to keep both company and personal devices on hand. Considering the fact that community managers tend to be in constant motion, reducing the number of devices they need to juggle can be a real perk.  
  • Choice - Community managers are more comfortable sticking with a brand or model that is familiar to them. According to a Dell whitepaper on the subject: "Allowing the use of personally owned devices may boost employee morale".

The Pitfalls of BYOD

There are some pitfalls when allowing BYOD that you need to be prepared to resolve:

  • Security of Company Data - Allowing employees to store sensitive company information on their personal devices represents a very obvious security risk to your information. A survey by Confident Technologies revealed that over 50% of smartphone and tablet users do not password protect their device.  
    • Network Intrusions - Network intrusions due to lost or stolen devices that are unsecured can result in a data breach, potentially costing your management company a significant amount.  
    • Spyware, Malware & Viruses - According to a Harris Poll of US adults, "25% of employed US adults have been a victim of malware or hacking on a personal electronic device", and the numbers will only increase as adoption of mobile devices increases.  
    • Terminated Employees - Former employees should not have sensitive company data stored on their mobile device.  
  • Potential Litigation - If something does go wrong, who is responsible for the loss, you, or the device owner? This also takes into account compliance with data protection laws, both federally and locally.  
  • Hidden Costs - While you can save on the cost of purchasing and upgrades, there are costs associated with adopting BYOD. From security to increased support, IT costs may increase significantly with BYOD.

Building your BYOD Policy

Your BYOD policy should address the pitfalls identified above, while attempting to maximize the benefits. A BYOD policy can be extremely thorough (such as the one the White House has developed for government agencies), but it doesn't need to be. That said, you should be consulting your lawyer during this process.

Your BYOD policy should address these key questions: (as identified by Fiberlink)

  • Which devices will you allow (Android? iOS? Windows? Blackberry?)
  • What apps will you allow (or disallow?)
  • Will you contribute to the price of the employee owned devices or data plans? (currently only about one-third of companies do, according to Fiberlink)
  • Are there legal considerations to having company data stored on the personal device? (Consult your lawyer)
  • What security measures will need to be taken?
  • What protections will be put in place to protect the employees' personal data from being removed or shared with the company?

Finally, perhaps the most important element of your BYOD policy is to create an Acceptable Use Agreement between the organization and the employee. This should be a document that every employee should sign. It should spell out your expectations for the user to follow in using their devices, such as password requirements, required security apps, requirements for users to keep critical systems up to date, and preventing the user from "rooting" or "jailbreaking" their device. Another clause you should consider adding is the 'ownership' of client contact information, to prevent an employee from taking your client list contact information with them on their mobile device.

Implementing your BYOD Policy

You can implement further security by moving data access to the cloud. In one fell swoop, this can resolve security issues issues resulting from lost or stolen devices, former employees and abuse.

In addition to enforcing the security measures outlined in your Acceptable Use Agreement, you can implement further security by moving data access to the cloud. In one fell swoop, this can resolve security issues issues resulting from lost or stolen devices, former employees and abuse. If you are using a mobile community management product such as TOPS GO!, this functionality is already built-in to the program, allowing you to easily log in and deactivate any device, at any time. Without the ability to log in, the device no longer has any access to that sensitive data.

If you do not have such an option (or even if you do!), consider an MDM (Mobile Device
Management
) product. These products control security settings for mobile devices, allow remote wiping of data from a device, and detect misuse or abuse of your mobile policy (such as detecting if a device has been jailbroken.) MDMs typically cost between $2 and $10 per device.

In Conclusion

It seems for now that BYOD is here to stay. The blurring of the lines between work and personal lives in today's modern society have made it more than a matter of mere convenience. As a forward-thinking management company, it's up to you to create a policy that protects both your company and your community managers to ensure that you can reap all of the benefits of BYOD without experiencing the pitfalls.

 

 

Learn how to save more than 30 minutes per inspection with TOPS Go

Related Posts

 

Comments