Photo by Rayner Simpson
BYOD or “Bring Your Own Device” received a lot of popularity in the last decade. Basically, it’s a policy that allows employees to bring their own phones to work and use them for work-related activities – an important ability in today’s app-dominated world. But is a BYOD policy possible for a security guard company? What do you need to make a BYOD plan work? What are the risks to your security data? Here’s what you should know.
BYOD Can Be An Option
If BYOD worries your company, it’s easy to create a policy that says: “No personal devices while on the job.” In that case, you will have to provide devices for work-oriented tasks – usually smartphones and tablets that guards will sign in and out as they complete their shifts. This is a possibility for larger companies with the resources to manage that system, but may not be within reach for smaller security guard businesses at this time.
If costs are an issue, then a BYOD policy can save money by having your guards and security personnel use their own devices on the job for communication, compliance, surveillance, and other tasks. This is not unheard of! Security personnel around the world follow BYOD policies. But you need to decide if it’s right for your company, and how to implement this strategy – and how you will explain it to clients.
BYOD Involves Risks, But Not Necessarily More Risks for Guards
BYOD involves a certain amount of risk that security companies should analyze. Companies simply don’t have as much control over personal devices, no matter what policies they create for using those devices. That means that data may be at more risk of being hacked because an employee gets sloppy and forgets proper security practices. Personal devices may also be more likely to be stolen or used by a friend or family member, which can add another layer of risk. This is why security-minded companies may be leery of creating a BYOD strategy for employees on the job.
However, security guards aren’t necessarily at more risk for data theft than any other job. A personal device in an office or on a business trip is probably more likely to be hacked than a personal device out on patrol or in a guard’s station.
Finally, your business must consider the information that guards deal with on their phones, and how sensitive it is. The more sensitive the information, the greater the damage to your company if it is hacked, stolen or destroyed. That could increase the overall risk of BYOD even if hacking attempts are relatively less likely.
Security Guard Apps Need Protection
Most of the technological duties that security guards have do not require separate devices, only apps that they download on their phones. That can include:
- Access control login apps
- Biometric access apps
- Drone control apps
- Camera surveillance and smart control apps
- Timesheet apps
- GPS tracking apps
- Report creation and transmission apps
These apps and the data they use need to be protected from vulnerabilities and potential outside access. The first step is ensuring that the apps themselves have strong security features and vendors that make security a priority. Vet your apps! Look for companies that offer authentication, monitoring and encryption features for their software.
BYOD Needs Strict Policies and Preparation
The biggest part of a BYOD policy is the company’s own policy for allowing it. This can get very complex, but companies often decide on important steps like:
- Basic security: Requiring passcodes, logins, and two-factor authentication to use phones and apps is common sense in a BYOD environment.
- Requiring a VPN: A VPN (virtual private network) helps encrypt all data that goes online and protect against some spying efforts. Companies that choose to allow BYOD on the job sometimes require a particular VPN that can be customized and monitored by the company. Other businesses go a step further and require employees to partition their phones into a business side and work side to keep data as separated as possible.
- Remote monitoring: Other companies may require remote monitoring software, which allows IT departments to access phones and look for trouble from afar. This allows companies to delete sensitive business data or lock phones if an employee reports a phone stolen, and make sure that data isn’t being used improperly.
- App rules: Untrustworthy apps can introduce malware and spyware onto phones. BYOD policies usually limit the apps that employees can download.
- Requiring updates: Vulnerabilities may exist in the phone’s OS, but are typically quickly patched with updates. Companies must keep up to date on operating system security and immediately require any security updates for safety.
- Mobile usage rules: How are you going to keep guards from spending time on Facebook when they should be paying attention? Have strict rules for usage on the job.
Are these considerations a little overwhelming? You can always arrange a consultation with a security tech consultant to find out how a BYOD policy should be implemented in your situation. The more you understand the risks and requirements involved, the easier it will be to make an effective decision.