When you’re starting a business, you may not have the funds to buy all the technology that would make running that business easier. Allowing your employees to bring devices to work is a simple way to bridge the gap. After all, your people are already familiar with using their own devices; they may have apps or programs that help them do their work, and the devices go home with them, which makes telecommuting easier. But security risks crop up every time an employee uses a personal device at work.

To create a strong BYOD (bring your own device) policy, you need to know the security risks┬ápersonal devices bring to the table. That way, you can customize your policy around those risks. Your business is still new, so start this BYOD policy early. Integrate it into company culture and get employees used to complying with it. Update and revise it as employees join your ranks, and hold internal education sessions so employees always know your business’ latest security efforts.

Some starting ideas for your BYOD policy should include creating a list of approved devices employees can use and the registration process for those devices. Not all personal devices have the same security; an iPhone 6S Plus on the T-Mobile network runs the latest secure iOS, but a jailbroken iPhone 3 probably doesn’t. Older devices might run operating systems with holes or flaws that developers have since fixed but that still leave those devices vulnerable. This is just the beginning. Check out this T-Mobile infographic outlining major BYOD concerns and showing how you can solve them in a solid BYOD policy.