Do you know for certain that all of your employees follow company policies and procedures regarding the systems they use to perform their duties? Even if you think the answer is yes, you might be surprised to find out some of your employees aren’t as aligned as you think.
By Jenna Cyprus
Imagine, for example, that one of your best employees knows they aren’t allowed to access the company’s cloud server from public Wi-Fi. In ten years, they’ve never violated this rule. However, they recently began working from home one day a week and this week they forgot to finish up some important tasks in the cloud.
Your employee happens to be at a coffee shop when they realize they’ve forgotten some tasks, and they decide to log into the company’s cloud server on a public network “just this once.” Several weeks go by and nothing seems to have gone wrong so they do it again. Soon, it becomes a habit. Now you’ve got an employee regularly accessing the company’s cloud server from public Wi-Fi, putting the entire company at risk.
How do you get employees to adhere to company policy, let alone find out when they’re breaking protocol? You have to be strict without compromise.
Don’t create a BYOD policy
While many businesses allow employees to use their own devices for work, there are inherent security risks with this practice. It’s understandable why businesses adopt BYOD policies. Employees do it anyway, and it’s easier to work around this habit than try to fight it.
Forbes published statistics relevant to the BYOD movement and it seems that companies are saving $350 per year, per employee. For a company with 20 employees, that amounts to saving $7,000 per year. However, those savings are short-term and will become irrelevant in the event of a data breach.
Employees want to use their own devices because it’s familiar and comfortable. Productivity increases when employees are familiar and comfortable with the devices required to do their job. However, a BYOD policy is a gateway for risky practices you may never find out about.
Train employees to use your tools, not theirs
It’s easier to let employees use their own tools, but they’re perfectly capable of learning to use new ones. Your business’ security is worth investing in this additional training when necessary. Allowing employees to blend their personal life with their business life is a bad idea.
Say you allow your employees to use their personal smartphone to conduct official business online. The next logical step for the employee would be to use their smartphone to take and place company phone calls. Why not? They’re already using it for business, and it doesn’t make sense for them to be forced back to their desk to make a phone call.
If you allow this, you’re setting yourself up for a future disaster. What happens when that employee leaves the company and nobody can reroute clients to a new contact number? What happens if that employee was fired and sabotages the company when unsuspecting clients call their personal cell phone?
It’s convenient to allow employees to use personal phones, but the risks are too great. However, there is a workable compromise for this situation; VoIP. With a VoIP (Voice over IP) phone system, your business can provision an application on the employee’s smart phone that will provide a company direct dial number and extension for the remote employee.
This provides the business owner with control of who fields the calls. Additionally, when calling from the application, the employee is delivering the number and caller ID of the business, not the cell phone! Finally, if the employee is terminated from their position, you can disable the application and reassign the direct dial number/extension to another employee.
There are additional benefits to VoIP. For example, with a hosted VoIP phone system you don’t need the physical system to be at the location. This way, you can set up your remote associates with a desk phone or a soft phone application for their lap top or smart phone. Again, that makes their outbound calls appear to come directly from the company. They can also be included in group calls. Since you control the system, you control where all calls are routed, no matter where your employees are located and what device they are using.
You don’t need to embrace the BYOD movement to be successful
Plenty of companies have achieved success by providing employees with company tools, including computers and mobile devices. It’s understandable to want to avoid the extra cost, but it’s a slippery slope. You’re the boss, so be the boss. All it takes is one unencrypted login to open you up to a data breach and possible lawsuit.
Jenna Cyprus is a freelance writer from Renton, WA who is particularly interested in travel, nature, and parenting. Follow her on Twitter.
The post It’s Time to Rethink Your BYOD Policy to Prevent Policy Violations in Your Company appeared first on SmallBizDaily.