What is BYOD? The Benefits of Bringing Your Own Device to Work

Bring your own device. Behind this phrase lies the BYOD work philosophy. The practice of bringing personal devices into the office and factory, or teleworking from them at home, is controversial in the face of cyber-attacks on corporate networks.

In this article, we talk about BYOD and what we can learn if it makes sense to work on personal devices. Above all, to establish a cybersecurity strategy accordingly.

What is BYOD?

BYOD is an initiative for employees to access tools, data sources, or corporate networks with personal electronic devices (tablets, phones, computers…) that they have at home. BYOD is related to other practices such as Bring Your Own Phone (BYOP), Bring Your Own Computer (BYOPC) or Bring Your Own Technology (BYOT).

Examples of BYOD

One of the clearest examples of BYOD at work is the use that employees can make of their own mobile phones, from which they access corporate information (email, documents…) and also messaging applications or personal social networks. The same applies to tablets or laptops, which are quite common devices in households.

When talking about BYOD, USB sticks are also taken into account, where information is uploaded from one device to another. USB sticks may not be as widely used as they were a few years ago, due to the proliferation of cloud-based file-sharing platforms, but they still serve many people for storing and ‘transporting’ digital files.

Why You Should Use BYOD

Reasons for BYOD include:

• Satisfy employees who prefer to work on their own equipment. Sometimes they may prefer to use these because they are more advanced than the company’s, or are more convenient to work with.
• Work from wherever and whenever employees want, which would help retain talent or serve customers more quickly. In other words, flexibility is increased.
• Also, increase employee productivity: they can perform better if, as we pointed out earlier, they are working with the devices they prefer.
• Save costs on the purchase of devices. If the company wanted to, it could finance part of the price of the terminals purchased by employees.

Why You Shouldn’t Use BYOD

However, the potential advantages of BYOD must be weighed against two clear disadvantages or drawbacks:

• Employees may need different support, depending on the device they use.
• And above all, cybersecurity. Corporate information and tools are exposed to more devices and thus to more risks. If employees access malware from their personal devices, it could contaminate the corporate network, where confidential information exists. It can also happen that an employee’s personal device is lost or stolen; if the device is not well protected or its information cannot be remotely wiped, the data is severely compromised.

How to Establish a BYOD Strategy

If you eventually decide to have workers bring their own devices to the office or work from them at home and thus access corporate tools, certain ideas need to be fixed.

• Which specific devices will have access? Operating systems (iOS, Android…), model…
• What kind of support will be established on the devices if they are damaged? Also, on which applications this support will be provided (corporate email, applications, etc.).
• Employees commit themselves to following the company’s security guidelines. They must be aware of the risks of using personal devices, so they must be made aware of these practices through training. For example, setting strong passwords, two-step authentication, or automatically locking the screen when the device is not in use.
• Enable remote access or tracking of the device, in case it is lost or stolen and sensitive information needs to be deleted.

Plain Concepts’ cyber security expertise enables us to help you establish your BYOD strategy.

The approach we propose for your BYOD is Zero Trust, which is precisely ideal for hybrid work environments, as it serves devices and enterprise applications and data at any time of work.

Zero Trust is of particular interest in BYOD strategies because:

• It verifies that only authorized devices, people, and processes are accessing corporate resources.
• It verifies the security of device endpoints and applications (local or cloud).
• Works to control software that accesses corporate information.
• It secures structured and unstructured corporate data.

Because of the importance of cybersecurity in a company, and even more so when personal devices are connected to corporate networks, create a strong cybersecurity strategy for your company. At Plain Concepts, we know how to do it together with you.