Essential Guide

This Essential Guide is a collection of articles, videos and other content selected by our editors to give you a comprehensive view of this topic.

Put it on paper: A guide to mobile device policy creation

Though it may not be the most glamorous part of your job, writing strong mobile device policies and enforcing them can help keep corporate data safe and stop malware and viruses from infiltrating your network.

In the BYOD era, data leakage and mobile malware are top concerns for IT pros, but crafting a strong mobile device policy and distributing that information to users can mitigate some of the risks.

Although writing a mobile device policy isn't the most exciting task, it's an important one. These policies can prevent some serious problems, such as sensitive corporate data leaking or a virus making its way onto your network. There are different policies that can help head off problems, such as bring your own device (BYOD), mobile device security and acceptable use policies. When employees know what's expected of them, they're less likely to break the rules.

Of course, policies themselves don't stop workers from violating regulations, so you'll need ways to enforce those rules, such as mobile device management (MDM) and other tools. Take a look at these tips for writing successful policies, learn about more advanced facets of enforcement and watch experts weigh in on the importance of writing down regulations in the consumerization age.

How-tos

1. Getting started

Companies that allow workers to use mobile devices should have rules around security and use. Whether devices are corporate or personally owned, users need to know what they can and can't do with them, and how those expectations will be enforced. While this is a pretty simple concept, the act of writing security, mobile device, BYOD and acceptable use policies can seem daunting. Check out these how-to tips to learn the basics of policy writing.

  • How to write a mobile device policy

    Writing a good mobile-device security policy begins with information gathering. Find out what potential threats and other risks devices pose, then pin down the number of devices that the policy will apply to. Write up the policy, and send it out to users.

    Tip

  • How to write a BYOD policy

    Every company has to craft a BYOD policy that's specific to the business and its needs, but most policies cover the same questions: How should users protect their devices, what data and apps can users access, and what happens when a device is lost or stolen or an employee leaves the company.

    Tip

  • How to enforce a BYOD policy

    Tools you already use to enable BYOD, such as ActiveSync, can also help you enforce policy. But it's important to make sure that the programs you use to enforce a BYOD policy have all the functionality you need.

    Tip

  • How acceptable use policies can control apps

    An acceptable use policy lets users know what they can and can't do with their devices. But even if users know what's expected of them, you still need to enforce it. You can do that with blacklisting and whitelisting, MDM, mobile application management (MAM) or an enterprise app store.

    Tip

  • How to secure Android devices with a mobile device policy

    If you enroll all the Android devices on your network in an MDM system, the tool can notify you or users (or both) when an action taken on the device breaches policy. Then, it can enforce the policy by un-enrolling the device.

    Tip

Dig deeper

2. Helpful hints

Once you get the appropriate policies in place, make sure they're going the distance. That means following through on enforcing the rules, making updates to the policies as needed and disseminating the rules to users. When the whole organization is on board with keeping devices secure, it makes your job as an IT pro a little easier.

  • BYOD policy best practices

    Make sure your BYOD security policy includes specific measures to decrease business risks, such as data encryption, registering devices, secure authentication and more.

    Tip

  • Policy templates to get you on the right track

    If you're struggling to write your policies, check out these templates. You can use them as a guide or tweak them slightly to fit your company's needs.

    Tip

  • Don't love and leave your policies

    Writing BYOD, security and mobile device policies is only the beginning. As technology changes, your policies need to as well. Revisit them frequently, and update them when necessary.

    News

  • Use policies to improve smartphone security

    MDM helps you manage devices, but it's only as good as your BYOD security policies. When you make users aware of potentially dangerous behaviors, workers can help you keep their devices secure.

    News

Watch and learn

3. Videos

Everyone has something to say about how and why to implement security standards and policies in the enterprise. Hear what some experts in the field have to say on the matter in these videos.

  • 'Everyone is God on his own device'

    One of the challenges of enforcing mobile security policies in the BYOD world is that users are in charge of their own devices. You have to be willing to tell workers that you're going to enforce policies on their devices, and you need ways to encrypt, wipe and protect data.

    Video

  • Mobile threats to be aware of

    Mobile devices, applications and the cloud have introduced many new vectors from which corporate data can leak. Make sure you have enough mobile device policies and procedures in place to keep sensitive data out of the wrong hands.

    Video

  • Choose realistic rules to improve your policy

    Mobility is a huge game-changer for the enterprise, but data leaks and other mobile threats can impede the productivity of a company, rather than advance it. Consider applying policies on a per-user or per-application basis.

    Video

Think fast

4. Pop quiz

Now that you're an expert on mobile device policy and preventing data left, take this quiz and prove it!

Take the quiz

Brush up

5. Glossary

Learn more about corporate mobility policies with these definitions.