Best practices for BYOD

To reap the benefits of BYOD while avoiding potential risks, every organization should develop a strategy regarding the use of personal devices for business purposes. Here are some best practices to consider when defining and implementing a BYOD strategy.

Define your BYOD policy

Define eligibility

Identify who can use personal devices for work and scenarios where it is inappropriate due to data security, worker type or other factors. In enterprises that allow a personally-owned device to replace a corporate endpoint, this decision is typically optional for the person and subject to managerial discretion.

Determine allowed devices

BYOD policies should allow people to use whatever type of device best meets their needs. IT can enroll and manage any device, detect jailbroken devices and perform a full or selective wipe of applications, data or the device.

Set service availability

Think about the services and apps you want to make available on personally-owned devices and whether they differ by work groups, user types, security profile, device types, location and network utilized as you define your policy.

Clarify cost sharing

Some organizations provide a subsidy for personally-owned devices and other services, especially in cases where a corporate device is no longer provided. If considering a stipend, device warranty availability, tax consequences and potential IT cost savings should be taken into account.

Implement BYOD in your organization

Plan rollout

Provide guidance to help people decide whether to participate, choose the right device and understand the responsibilities that come with bringing their own device, including how data can be accessed, used and stored. Assess your users, applications and data for BYOD participation including a capabilities assessment and gap analysis on your current environment, then develop a roadmap to deploy BYOD.

Implement security

Confidential business information should reside on the endpoint only in isolated, encrypted form, and only when absolutely necessary. Multi-layered security should include granular policy-based user authentication around device ownership, status and/or location with tracking and monitoring for compliance; control over print capabilities and client-side storage; and mandated antivirus/anti-malware software. IT can manage any device, detect jailbroken devices and perform a full or selective remote wipe of a device.

Establish support and maintenance levels

Spell out the type of incidents IT will support and the extent of this support. A loaner pool of devices allows uninterrupted productivity during service, especially when a personally-owned device is used in place of a corporate device. Consider providing key personnel with additional, concierge-style support. Educate and enable your users for self-support and capture key metrics to continually maintain and enhance your BYOD model/solution.

BYOD can take many forms. Citrix BYOD solutions provide a flexible yet controlled framework to assess, design, deploy and support the right approach for your enterprise.

(*)Register to access