Are you setting up bring-your-own-device (BYOD) policies for your small and medium-sized businesses (SMBs) customers? We've compiled some best practices (with the help of Amtel founder and CEO Pankaj "PJ" Gupta) to help you avoid pitfalls along the way. Here are five things to watch for as you put together your plans.

Relying on public app stores

While the Apple (AAPL) App Store and Google (GOOG) Play can provide simple distribution and rudimentary protection against viruses and malware, it's a good idea for businesses to leverage a private enterprise app store to manage all apps in use, including internally developed apps, Gupta said.

However,  businesses may not have the resources available to develop their own apps and app stores, Gupta explained.

"It's very difficult for companies to build their own company apps," he said.

Ineffective policy compliance

Gupta said BYOD policies need to cover security, protect resources, reduce risks and control expenses. Administrators should define time and location windows with access restrictions, including which apps can and cannot be run within the boundaries.

Limit the types of devices you allow onto your network. It you don't set limits, management of the devices will become more complex and time consuming. Your list of permitted and supported devices and operating systems should be included in the company BYOD policy.

Weak security

Many companies leave security to end users, and that's a mistake, Gupta said. Basic authentication and password controls are not enough.

BYOD devices should have containerized corporate data to separate applications, he added. A password should be attached to the container to protect data even further.

Ignoring usage

Track talk, text, data and roaming usage, he said. Usage monitoring, threshold-based alerts and analytics can help uncover misuse, security exposures, and prevent cost overruns due to excessive data bandwidth usage and unexpected international roaming charges.

Remember, Gupta said, once a device is brought into a corporate environment, all data will go through corporate bandwidth, which can be a problem if an employee leverages that bandwidth for personal use, including movie and music downloads.

Not banning rogue devices

He pointed to rogue devices as a problem with BYOD. Jailbroken and rooted devices comprise security and company data.

Avoid these devices at all costs. Standard configuration settings will need to be enforced to protect an oganization from malware and security threats.