BYOD policy

What is a BYOD policy and what should it include?

Does your company have a BYOD policy in place yet? If not, it might be time to consider implementing one. Let’s answer the question, “What is a BYOD policy,” and then take a quick look at what a policy can mean for your business.

What is a BYOD policy?

Depending on who you’re talking to, BYOD (bring your own device) can mean quite a few different things — which is why some people choose to exchange BYOD for BYOT (bring your own technology).

But in simple terms, BYOD involves using personal technology for work-related purposes. So if someone used their phone to access company emails from the coffee shop — that’s a form of BYOD. If someone used their personal laptop to finish a company project from home — that’s also a form of BYOD.

At this point, a major problem presents itself — how does a company secure the data that is accessed and stored on these personal devices?

This is where the policy comes into play.

Just as there are different versions of BYOD, there are also different versions of a BYOD policy. But typically, it’s a written set of rules that helps a company better control personal devices used to access its data.

What is included in a BYOD policy?

Of course, the next thing to ask yourself is what should (or shouldn’t) be included in a BYOD policy.

While you might think it’s safe to assume that anything and everything should be covered by this policy, that’s not always the smartest route to go.

It’s important to remember that your employees should still feel like their devices are their devices and that they have some degree of privacy. If they don’t, then a BYOD policy will never work.

Here’s a quick list of areas your BYOD policy should cover:

  • What devices are or are not allowed (ex: what version iOS)
  • What apps will your BYOD policy support (ex: what productivity platform)
  • What types of passwords are allowed (ex: minimum character count and special characters)
  • How is data allowed to be shared (ex: Google Drive or Dropbox)
  • What happens when an employee leaves the organization (ex: what is wiped and how quickly)
  • What type (or level) of security should your devices be required to have   

How do companies create and manage a BYOD policy?

A BYOD policy can always be created internally by management and IT staff; however, most companies that require a comprehensive BYOD policy outsource that responsibility to an IT provider.

An IT provider can assist in the creation of your BYOD policy and help you successfully manage the devices wrapped up in that policy.

But at this point, things start to branch out into mobile device management — where an IT provider will control, monitor, and secure your company’s connected devices. This typically involves remote wipe capabilities, the actual security solution, device tracking, and more.


If you want to learn more about BYOD or if you need help crafting a BYOD policy, give us a call or send us a message. We’d love to help.