With the majority of employees now using personal devices for work, establishing a BYOD policy is vital for companies that want to ensure productivity, security and smooth operations. But creating guidelines is only half the battle. The real challenge is making sure that employees know that the policy exists and they can easily follow it.
Getting employees to pay attention to new rules is no simple task, however. Here are some ways to make sure that employees are listening to and internalizing BYOD guidelines.
Create compelling materials
No one wants to read through a 75-page manual that details rules and procedures. Before you begin telling employees about a new BYOD policy, think about what materials youíll need to communicate it in an engaging way. These could include a slide deck that the IT team can present at companywide meetings, a one-pager that explains how to set up a new device, an introductory email for new hires, or a list of the top 10 security mistakes to avoid, just to name a few. If possible, involve your companyís design team when creating these materials to make them as visually engaging as possible.
When youíre explaining policies to employees, give a clear sense as to why these policies are important. While the security threats may be obvious to the IT department, many employees are unaware of what could happen if they donít take necessary precautions before sharing sensitive data or collaborating remotely on company files. Define the problem before explaining your solution. To make it concrete, give employees real-world examples of companies similar to yours that have been impacted by data breaches, botnets, malware attacks and the like, especially those that involved mobile devices.
Break it down
Your employees may be brilliant at their jobs, but that doesnít always translate to having a strong grasp on IT-related and security issues. As you prepare to explain BYOD guidelines, ask yourself: would a fifth-grader understand what Iím saying? This means taking the time to define your terms and spell out your acronyms. This isnít to suggest that your employees arenít smarter than a fifth-grader. Rather, itís the best way to ensure that they will understand how to follow the new rules.
Lay out the doís and doníts
One way to make the message clear? Give employees an easy-to-print list of action items that theyíre responsible for, such as password-protecting devices, and common mistakes that they should avoid, like using unsecure file-sharing apps. Employees will then have a clear sense of whatís expected of them, as well as a quick and easy way to reference BYOD-related procedures and rules. Keep this to one page to avoid overwhelming your audience, and make it readily available wherever your company stores its files.
Build it into training
The first few weeks on the job are the perfect time to let new hires know about the companyís BYOD policies. Again, this doesnít mean handing over a document and expecting them to read the guidelines on their own. (They probably wonít.) It means taking the time to walk them through the companyís big-picture approach to BYOD and clearly outline employee expectations. Leave ample time for new employees to ask questions, and make sure they know the best way to get in touch if any issues arise.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.