7 best practices for a BYOD strategy

Bring your own device (BYOD) can empower employees and make them more productive, but it also poses serious compliance, security, and privacy risks for the enterprise. Before you develop your BYOD policy, review these 7 best practices and see how a complete enterprise mobility management solution from Citrix can help.

ARTICLE | 4m read
June 30, 2020

BYOD is here to stay

Everybody is talking about BYOD policies – allowing employees to use their personal laptops, smartphones, or tablets for work. Whether your business has a formal BYOD policy in place or not, the reality is that many people already use their personal mobile devices for work. This can have a very positive impact on business – BYOD allows employees to choose which device is best for them, and acknowledges the reality of the personal, multi-device way people live and want to work.

Implementing a clear, thoughtful BYOD policy is key

While BYOD can empower workers and allow them to be more mobile and productive, it also raises many security concerns for the enterprise. How can employees access enterprise applications and confidential business information on their personal devices without raising serious compliance, security, and privacy risks? How can IT control license management issues or conduct support? What happens when employees use unmanaged third-party apps? Implementing a BYOD policy can seem overwhelming, but it doesn’t have to be.


The best approach to a BYOD strategy will vary from organization to organization, based on individual priorities and concerns, but here are 7 best practices that every business should consider when developing a BYOD policy:

1. Determine who’s eligible

The first step is to determine who is eligible to use their own devices for work. One way to decide who can participate in a BYOD program is to apply certain criteria such as worker type, performance, or frequency of travel. However, no matter how broad the BYOD requirements may be, managers should have final approval.

2. Determine which devices are allowed

If your organization wants to install applications directly on endpoints, IT will have to determine the minimum requirements for OS, application support, and other criteria. This can become complicated very quickly. A more efficient and secure solution is desktop virtualization, which allows workers to run a full Windows desktop on any device.

3. Decide which services are available

A BYOD policy doesn’t have to be all or nothing – you should think about what services you want to make available on personally owned devices and to whom. Will this vary based on user type, device type, or network? There are many scenarios and you should choose the one that is best for your company.

4. Communicate your rollout plan

Once your BYOD policy is ready for rollout, communication will be key to its success. Employees should receive guidance on which device is best for their needs. They should also be counseled on the rights and responsibilities that come with using a personally owned device for work. It is important to reinforce acceptable-use policies and segregate work data from personal data.

5. Determine how the cost will be shared

One of the biggest advantages to a BYOD policy is cost savings. Having workers pay some or all of the costs for work devices can really improve an organization’s bottom line. A BYOD strategy can also keep IT from having to procure and maintain certain hardware. Many companies offer incentives to participate in a BYOD strategy, such as rewarding employees with a stipend or some other form of compensation. Consideration should be taken to give your organization the best ROI on a BYOD policy.

6. Consider security and compliance issues

Most CIOs are concerned about the security risks involved in a BYOD strategy. Installing applications directly on personally owned devices can raise many security and compliance concerns. This is why many organizations rely on an enterprise mobility management solution. Through desktop and app virtualization, all business information remains secure within the datacenter – not on a worker’s personally owned device.

7. Define how support and maintenance will be handled

Because the user is also the owner, a BYOD strategy greatly reduces the total maintenance required for each laptop, tablet, or smartphone. However, a BYOD policy must clearly define how various support and maintenance tasks will be handled – and who will pay for them.

In choosing the best BYOD strategy for your organization, there are many factors to consider. No BYOD policy is one size fits all, which is why many organizations turn to trusted companies like Citrix. As a leader in mobile workstyles and an early adopter of BYOD for its own employees, Citrix supports BYOD with a unified app store, Windows and app virtualization, and secure file sharing for a complete enterprise mobility management solution.