19 Dec What’s the right device policy for your company?
What’s the right device policy for your company?
Device policies pertaining to smartphones and other technology tools continue to frustrate business owners as they try to balance their needs for security and functionality against employees’ rights to privacy and freedom. At some companies, loose “bring your own device” (BYOD) policies are giving way to stricter “choose your own device” (CYOD) or “corporate-owned, personally enabled” (COPE) policies.
CYOD: Their device, your data
A CYOD policy lets employees buy a device for combined personal and work purposes from an approved list of products. Generally, the employee owns the device with the business retaining ownership of the SIM card and any proprietary data. Many employers pay for the accompanying mobile plan. Sometimes, high-performance devices are made available only to “power users,” while employees with fewer tech-related job requirements must choose from lesser models.
Under a CYOD policy, you can:
- Ensure device compatibility with your systems,
- Require security protections on the devices, and
- Conduct ongoing security monitoring.
It also makes maintenance and support easier for your IT department, because IT staff will know exactly which devices they’ll need to handle.
Some employees may be unhappy with their choice of devices, which can undermine morale and productivity. Then again, many workers appreciate the improved functionality and flexibility of owning a device that connects them to work.
COPE: All yours
If you’re looking for even greater control and security, look into a COPE policy. They’re most common at large companies or those with heavy compliance burdens.
Here, you buy and own the device, which is intended primarily for business purposes. Most policies do allow for limited personal use — such as phone calls and messaging, approved non-work-related apps and some settings customization.
COPE policies are like CYOD policies in that you can configure employees’ devices for maximum security (including blocking certain features or apps and activating remote wipe capabilities). But they go one step further by minimizing personal use and allowing you to retain possession after an employee leaves the company. Another upside: Many employees will view an employer-provided device as a valuable perk.
One downside is you’ll incur higher costs in covering both the purchase price and mobile plans, though you may be able to lessen the hit through volume discounts. In addition, employees may have concerns about their employer-provided devices inevitably containing some of their own information. “Containerization” tools can help alleviate such worries by segregating business and personal data.
A matter of priorities
The right move for your company comes down to priorities. To tighten security and control costs, a CYOD policy may be a reasonable upgrade to an existing BYOD approach. But if you need absolute security, a COPE policy could be necessary.
Bear in mind that you can always customize a policy to best suit your needs. For example, you might apply different requirements to different departments based on the type of work performed and data accessed.