Work with your cybersecurity, IT and legal teams to create a policy that meets your compliance standards and makes sense for your business needs, our guest columnist recommends.