As more companies embrace the bring your own device (BYOD) model, many questions arise. Allowing access to corporate data on a personal device means that you will be subject to privacy laws. These laws vary significantly around the world and are intended to protect the employee. Countries in the European Union have the most restrictive privacy laws and regulations, which can affect your ability to roll out a BYOD initiative as well as your approach to implementation in that region.
A BYOD strategy is not the single answer to addressing the consumerization of IT trend. Consider the corporate owned, personally enabled (COPE) model. Regardless of who owns the device, corporate data and personal data need to be managed separately, and corporate data should remain under enterprise control.
Adopting BYOD does not mean that you will support whatever electronic devices (mobile, laptop, iPad, etc.) your employees want. Remember that a BYOD strategy may not be simply about providing access to e-mail and calendars. It is about enabling enterprise mobility and productivity for all.
Based on best practices and legal cases, eInnosec has put together a detailed approach to adopting BYOD. It includes:
- An electronic consent form
- Acceptable use policy
- Human resources considerations
- Privacy laws ‑ National and International
- Finance considerations
- IT considerations
- Mobile Apps
- BYOD Strategy
- BYOD Management
- BYOD Security Architecture
- BYOD and Compliance
- BYOD and Privacy Challenges