Pagoda Blog

How to Create a BYOD Policy for a Hybrid Workplace

August 19, 2021

Have you evaluated your businesses’ BYOD (bring your own device) policy since the start of the pandemic? There may be things you need to revise to account for the unique needs of a hybrid workplace. Many businesses now have a mix of employees working from home and at the office, with some employees even doing a bit of both. Reviewing (or creating) your BYOD policy is an essential part of a comprehensive cybersecurity strategy. Here’s what you should include to ensure your remote workers have what they need to remain effective and protect your data.   


Secure both personal and employer-provided devices 

A hybrid workplace may consist of employees who work part time at home and part time in the office. Whatever your exact setup looks like, it’s important to identify what device(s) your employees can use to conduct remote work. 


For optimal security, we highly recommend using separate devices for work and personal use. If your business has the means to provide employees with work-specific devices, such as a laptop and smartphone, your network will be more secure. The longer employees work from home, however, the higher the likelihood is that they will end up using a personal device to access work data. This is where the BYOD policy becomes essential. The first step is to register and authorize all personal devices, ensuring that your IT team can have access in the event of a data breach.


The second step is to either install a monitoring app to scan home networks for vulnerabilities or ask remote employees to conduct a self-audit. Employees’ devices should all utilize the latest operating system and connect to the internet via a secure VPN connection.  All devices should also have antivirus software and firewalls installed that meet your company security standards. In some cases it may make sense to simply provide a license to remote employees for the same security tools used on company-owned devices.  


Designate work-only apps and collaboration tools

Your remote workers need a secure and effective way to communicate with their fellow team members and with clients. These tools include video conferencing software like Zoom or Microsoft’s Teams, communication platforms like Slack, and cloud-based application suites like Office 365 Business. To improve the security of each application and collaboration software, require both two-factor authentication and a strong, unique password that’s saved in a password management system.

Require regular cybersecurity training

All employees, both onsite and off, should receive regular cybersecurity training. These trainings help keep all team members aware of the latest cybersecurity threats, how to mitigate those threats, and what steps to take should they fall prey to a phishing scam or other cyberattack.  


Related post: 11 Ways to Spot a Phishing Email 


Get cyber liability insurance

In the unfortunate event of a data breach, cyber liability insurance can greatly mitigate the immediate and long-term damage. This insurance can cover the costs of repairing infected software, paying a ransom, costs associated with a disruption to operations, and credit monitoring for customers. Cyber liability insurance not only provides financial assistance, but also assistance navigating the steps required to investigate, evaluate, and report a data breach to affected parties.  


Create a simple sign-up process

Each employee who plans to either work partially or exclusively remote should officially sign up for your BYOD program. This sign-up process should include submitting a BYOD request (preferably through an IT ticket system for easy tracking), authorization and then a simple set-up. Authorization refers to the authorization of all personal devices the employee plans to use. IT should check each device to ensure the operating system and all software is up to date. Set-up typically includes downloading designated apps and receiving a signed copy of your BYOD contract to confirm the employee has read and agreed to the policy.  


Conduct regular compliance monitoring

Part of your BYOD policy should be a process for regularly monitoring employees’ compliance. This process should include checking devices to ensure their operating systems, antivirus software, and firewalls are all up to date, in addition to reviewing work-approved applications and security protocols for those apps. 


For many employers, remote work is here to stay which means it’s critical to establish policies and procedures to support that work. If you’d like help setting up secure systems for your hybrid workplace, get in touch today.  


Feature photo by LinkedIn Sales Solutions on Unsplash


Related posts: 

Setting Up a Secure and Productive Home Office for the COVID-10 Outbreak

Microsoft Teams vs SharePoint: The Best Choice for Your Business

What to Look for When Hiring a Managed Service Provider (MSP) 


Want to get more posts like these once a month in your inbox? Sign up for the Pagoda newsletter and sharpen your technical skills, from cybersecurity to digital marketing




Want IT to serve you better?





About Pagoda Technologies IT services

Based in Santa Cruz, California, Pagoda Technologies provides trusted IT support to businesses and IT departments throughout Silicon Valley, the San Francisco Bay Area and across the globe. To learn how Pagoda Technologies can help your business, email us at to schedule a complimentary IT consultation.

Return to Pagoda Blog Main Page

As your trusted IT service partner, Pagoda Technologies is here to help you achieve your near and long-term business goals through reliable and affordable IT support. 

Pagoda Technologies

101 Cooper Street

Santa Cruz, CA 95060


Contact us for a free IT consultation



Get in touch 

Join our newsletter

Want IT to serve you better? 




Follow Us

Facebook LinkedIn LinkedIn