If an IT department creates a BYOD policy and no one at the company knows about it, does it actually make an impact? I’ll spare you the suspense – the answer is no.
With the majority of employees now using personal devices for work, establishing a BYOD policy is vital for companies that want to ensure productivity, security and smooth operations. But creating guidelines is only half the battle. The real challenge is making sure that employees know that the policy exists and they can easily follow it.
Getting employees to pay attention to new rules is no simple task, however. Here are some ways to make sure that employees are listening to and internalizing BYOD guidelines.
Create compelling materials
No one wants to read through a 75-page manual that details rules and procedures. Before you begin telling employees about a new BYOD policy, think about what materials you’ll need to communicate it in an engaging way. These could include a slide deck that the IT team can present at companywide meetings, a one-pager that explains how to set up a new device, an introductory email for new hires, or a list of the top 10 security mistakes to avoid, just to name a few. If possible, involve your company’s design team when creating these materials to make them as visually engaging as possible.
When you’re explaining policies to employees, give a clear sense as to why these policies are important. While the security threats may be obvious to the IT department, many employees are unaware of what could happen if they don’t take necessary precautions before sharing sensitive data or collaborating remotely on company files. Define the problem before explaining your solution. To make it concrete, give employees real-world examples of companies similar to yours that have been impacted by data breaches, botnets, malware attacks and the like, especially those that involved mobile devices.
Break it down
Your employees may be brilliant at their jobs, but that doesn’t always translate to having a strong grasp on IT-related and security issues. As you prepare to explain BYOD guidelines, ask yourself: would a fifth-grader understand what I’m saying? This means taking the time to define your terms and spell out your acronyms. This isn’t to suggest that your employees aren’t smarter than a fifth-grader. Rather, it’s the best way to ensure that they will understand how to follow the new rules.
Lay out the do’s and don’ts
One way to make the message clear? Give employees an easy-to-print list of action items that they’re responsible for, such as password-protecting devices, and common mistakes that they should avoid, like using unsecure file-sharing apps. Employees will then have a clear sense of what’s expected of them, as well as a quick and easy way to reference BYOD-related procedures and rules. Keep this to one page to avoid overwhelming your audience, and make it readily available wherever your company stores its files.
Build it into training
The first few weeks on the job are the perfect time to let new hires know about the company’s BYOD policies. Again, this doesn’t mean handing over a document and expecting them to read the guidelines on their own. (They probably won’t.) It means taking the time to walk them through the company’s big-picture approach to BYOD and clearly outline employee expectations. Leave ample time for new employees to ask questions, and make sure they know the best way to get in touch if any issues arise.
Most people need to hear new information a minimum of three times before they can absorb it. In other words, if employees only hear about BYOD procedures at orientation or at a yearly IT lunch-and-learn, chances are they’re not going to retain much. After any meeting or presentation, give employees clear next steps and establish checkpoints to ensure that teams are following through. Find new and interesting ways to get the BYOD message across throughout the year, such as sharing news about security breaches, along with a quick list of BYOD reminders.
As capable as your IT team is, it should not be the sole enforcer of BYOD policy. Instead, enlist managers throughout the company to help with implementation by equipping them with the training and tools that they need to ensure their teams don’t go rogue. Ideally, managers serve as the eyes and ears of the IT department, calling out colleagues for security faux pas and reminding them how to safely share, edit and collaborate on company files.
Are employees aware that your BYOD policy exists? Is there any aspect of it that they’re electing not to follow? What kind of support do employees need from the IT department? How often are they using personal devices for work? These don’t have to be hypothetical questions. Periodically surveying employees can be an excellent way to ensure that your communication efforts are working. Additionally, the more you know about how your teams feel about the current BYOD policy, the better you can tailor it to fit their needs.
Create a plan of action
A communications plan is not just a list of tactics. Devote time to planning ahead, developing materials and scheduling training sessions, lunch-and-learns, email campaigns and so on. Assign actions to various members of the team to ensure things actually get done. While this may sound like a lot of work, it will pay off in the long run when employees are educated about why your BYOD policy exists, what it entails and what steps they need to follow.
There’s no doubt that we’re in the midst of a workplace transformation. As technology continues to make us more productive, security threats are becoming increasingly prevalent and complex. For companies that want to take advantage of the benefits of modern technology without inviting security risks, employees can sometimes be the biggest liability. But with a clear BYOD policy and smart communications plans, you can turn them into your biggest assets.