Developing a Policy for Devices in the Workplace? Here’s What to Consider
A guide to forming rules for using personal technology at work
Modern society—and today’s ever-more digital workplace—has grown to run on technology. The cloud, Internet of Things, social media, smartphones, tablets and voice assistants set the current generation apart. Technology used to be isolated to the workplace, but access to personal devices has drastically changed the landscape.
While this change is beneficial in many ways, it also has its risks, especially in the area of decorum and etiquette.
Technology usage has always been an issue for the workplace, with rules set for who uses what applications, or proper login and logout procedures. With the increase of personal technology and the overall increase of knowledge about technology, however, policies around usage are some of the most important for the productivity, security and discretion of employees.
Bring Your Own Devices
Policies guiding the use of personal devices in the workplace is an important consideration for businesses. The first part to this question is whether personal devices should be allowed.
For some employees, personal devices are a distraction from actual work, whether it’s a text conversation, viewing a video or playing a game. If technology is not required as part of fulfilling an employee’s work responsibility, company policy might focus on prohibiting personal devices in the workplace, or at least limiting use.
When technology isn’t used as a distraction, it can be a highly useful productivity tool. A smartphone can be used to research a topic on the internet, find an answer to a customer’s question, or as a collaboration tool with vendors and coworkers to resolve a problem.
If the company’s business processes are driven by technology, the next question is device ownership. Many businesses have large technology budgets, which include purchasing and maintaining a supply of devices for use by their employees.
Some companies have found they can reduce their budgets significantly and increase employee satisfaction and productivity by allowing employees to use personal devices for work. Bring Your Own Device (BYOD) programs have become a trend in business technology, but security remains an issue.
Even without a formal BYOD program in place, the existence of personal devices in the workplace are a major security risk. A smartphone or smartwatch can be Trojan horse as the device is brought within the firewall of the business.
Simple access to a camera could be enough to divulge company secrets and, if the personal device has permissions on the internal network, the potential for harm increases. This possibility is more significant when considering the lack of basic security knowledge of most technology users, such as why one should set a system password or the impact of giving particular applications permission to access or send device information such as location.
While BYOD programs might reduce the overall spending on technology for a company, spending increases might be required to educate the work force on proper security configurations on personal devices used in the workplace.
Using the right applications
Cloud computing has brought to the forefront many applications with practical business uses. But when web-based applications are used in conjunction with legacy in-house applications, configuration conflicts can arise.
At one time, security once was concerned with divulging sensitive company information in casual conversation, but today, the use of social media magnifies that concern to new levels, as many social media sites collect information unbeknownst by the user.
A traditional solution has been to develop policies for what applications are acceptable on work computers, but that requires some creativity when personal devices are used for work. Some companies have established partitions on personal devices that separate personal use from work use applications, which allows the company to have stricter policies for controlling what applications are used in the office.
Etiquette is a code of conduct agreed on by a society and dictates how we properly interact with each other. While policies are needed for controlling devices and applications, a code of conduct will define the rules of engagement among employees. This code could address how technology should be used during meetings—such as whether they should be turned off or used only for certain purposes. The code could define proper communication pathways, such as when and how email should be used over text messaging or instant messaging.
Properly written technology usage policies will increase productivity, security and employee satisfaction without sacrificing the freedom that most employees seek in using technology.
From a business perspective, usage policies decrease costs and risks to the company. Education is key to enforcing usage guidelines, though some activities might be reportable for further consideration and action by management. The extent of the policies and education depend on the current needs of your business, how much your employees use technology on a daily basis and how familiar they are with it.