Do you use a personal device on your organization’s network? If so, what are the bring-your-own-device (BYOD) policies within your enterprise or organization?
If you're unsure, a new e-book, BYOD for You: The Guide to Bring Your Own Device to Work, just might help you. In it, author Dan Lohrmann, who is the chief security officer and deputy director for cybersecurity and infrastructure protection for the state of Michigan, addresses the concept of BYOD and how both the public and private sectors can properly carry out BYOD practices in a beneficial and secure way.
The book, now available on Amazon, outlines the do’s and don’ts of bringing your smartphone or tablet to work, and was written specifically for employees bringing their own device to their workplace, Lohrmann said.
BYOD for You
The new e-book is available for download on Amazon for $4.99, but for a limited time only -- on Tuesday, April 16, and Wednesday, April 17 -- the book can be downloaded for only $2.99.
According to a study from readwrite.com and Intel, 38 percent of U.S. CIOs were expected to support BYOD by the end of 2012. In 2013, 82 percent of surveyed companies allow some or all employees to use personal devices.
In a study released last year by Gartner, results showed that BYOD was a top concern for enterprise mobile security.
But Lohrmann, who also is a blogger for Government Technology magazine, said one of the big problems enterprises face with BYOD is that employees use personal devices for work-related purposes without the consent of an official policy developed by the enterprise.
“It could be anybody who doesn’t have a [BYOD] policy, but they’re still doing it,” Lohrmann said. “So what do they need to know?”
To help readers, or the end-users, understand at what level their enterprise embraces a BYOD environment and defines BYOD policies, Lohrmann outlines three levels in his book: bronze, silver and gold.
The following are some examples, but don’t necessarily reflect all concerns or situations regarding BYOD uses and policies:
Bronze: An end user is using a personal device for work purposes, but his/her enterprise has no official BYOD policy. Therefore this end user is not reimbursed for any costs incurred from using the device. Privacy of personal data and company security policies may present concerns.
Silver: An enterprise does have a BYOD policy outlining the access of data, security and policy, however the enterprise does not reimburse its employees for using their own devices. The enterprise may provide smartphones with all expenses paid, but users may not want to be locked into a work smartphone contract.
Gold: The enterprise has clearly laid out BYOD policies and fully reimburses the employee for all of his/her device’s costs. Although the enterprise may include mobile device management (MDM) software, these employees may become concerned about having their personal data monitored.
Lohrmann said ethical concerns may arise when employees who work at a company that lacks a BYOD policy inadvertently violate other company policies when they’re on a personal mobile device. For example, a company may have a strict “no Facebook” policy, but employees, although on a personal device, could be using the popular social media site during work time and therefore breaking company rules.
“There are policies already that you need to be aware of that affect workplace behavior in general for employees: state employees, for government or for business employees,” Lohrmann said. “Your ethical behavior is impacted by how you use your mobile equipment.”