In any organization, a variety of security issues can arise which may be due to improper information sharing, data transfer, damage to the property or assets, breaching of network security, etc. Here is a sample byod policy template that organizations can adapt to suit. Bring your own device byod and acceptable use policy security of information, and the tools that create, store and distribute that information are vital to the longterm health of our organization. Are there other policies that could address concerns related to byod, such as a datastandards policy referencing data security. If policy is needed, to what extent does existing policy cover the use of personal devices.
A breach of the data protection act can lead to the university being fined up to. A bring your own device byod policy is becoming the norm for many companies because its not nearly as easy for businesses to keep pace with the rapid advances in technology as it is for individuals. Policy and guidelines for governmentprovided mobile device usage. Bring your own device policy sample free legal documents. You are no doubt aware of those risks and have policies in place on your corporate email system to block these forms of attachments. Byod acceptable use policy national league of cities. A byod policy can help set a business up for successespecially a small companybut there are definite downsides to consider. The ultimate guide to byod bring your own device in 2020. It is not guidance for the purposes of the bsb handbook i6. For example, if the employee leaves company name with 78 weeks left in. Chief information officer as part of a broader analysis of byod policies for organizations. Sensitive business data includes all documents or data. Policy mandates that only eligible employees with particular job requirements be granted the privilege of purchasing using their own smart phones and tablets for business.
Employee is responsible for obtaining and paying for all other technical support services from. Therefore, staff must follow the guidance in this document when considering using byod to process personal data. You must read, understand and formally accept this policy by signing and returning the bring your own device application form and acceptable use statement found in. First one is the state of oklahome and second one is a high school. Students breaching the byod policy if a student breaches the byod policy or if a member of staff feels that they are likely to have breached this policy then the students device will be confiscated and held in the school office. This is a sample byod policy with language incorporating the considerations discussed. Devices that have taken part in the byod pilot will be covered retrospectively by this policy by completing and returning the bring your own device application form and. Jan 02, 2019 pdf formats, word documents, and video in particular pose risks. Byod acceptable use policy p a g e 5 of 12 devices below these specifications will not comply with our policies and therefore will not be supported.
Download a free copy of our byod policy for law firms template. Company xyz has a zerotolerance policy for texting or emailing while driving and only handsfree talking while driving is. Some of this data may be workrelated but other data will inevitably be. If youre thinking about implementing a byod policy, its a good idea to. May 26, 2015 what is the right byod policy for your firm, you ask even if you didnt. However, those rules dont apply when the owners of devices access their own email in their own time. Jun 08, 2018 after opening with a paragraph or two about how your company is granting byod privileges for the convenience and productivity of employees, as well as a statement that the security of the businesss data and technology infrastructure is of the utmost importance, the sections of a boilerplate byod policy could include the following. Apr 10, 2019 a byod policy can be a tremendous benefit, but it will only be successful if it clearly establishes the rights and responsibilities of both the company and the employees. Bringyourowndevice byod policies are set by companies to allow employees to use their personal smartphones, laptops, and tablets for work. Many organizations limit the types of byod devices that can be used and which resources they can use, such as permitting. Some companies may need to add sections that apply to different user groups with varying job requirements.
This device policy applies, but is not limited to all devices and accompanying. However, in the office premises, it must be used only in accordance with the rules and decorum of the organization. Byod acceptable use policy purpose the purpose of this policy is to define standards, procedures, and restrictions for end users who are connecting a personallyowned device to company names organization network for business purposes. Security policy template 7 free word, pdf document. Mar 01, 2019 a comprehensive byod policy can be unending. Policy background and context the purpose of this policy is to define accepted practices, responsibilities and procedures for the use of personallyowned mobile devices, including mobile phones, smart phones and tablets, that the indiana office of technology iot. Micro, 2012 this model complicates policy and data control in organizations and increases the importance of having a strong policy. This mobile device byod policy template is meant to be used only as a guide for creating your own mobile device byod policy based on the unique needs of your company. A byod policy can be a tremendous benefit, but it will only be successful if it clearly establishes the rights and responsibilities of both the company and the employees. A 2014 survey, reported that industry leaders like intel have approximately 70% of their. Heres how to create the right byod policy for your law firm. It also demonstrates what steps your office has taken to minimize potential for breaches, which can go a long way with hhs. Users guide to telework and bring your own device byod. If your device is second hand, restore to factory settings before using it for the first time.
This document describes acceptable use pertaining to using your own device whilst accessing university systems. Use of personally owned devices for university work 3 mobile phones, smart phones and tablet devices. Bring your own device byod policy bar council practice. Also, the sample policy should be modified to conform with any relevant law particular to your state or local jurisdiction. Pdf formats, word documents, and video in particular pose risks. It is for this reason we have established our byod and acceptable use policy. What is the right byod policy for your firm, you ask even if you didnt. Configure your device to enable you to remotewipe it should it become lost.
Policy background and context the purpose of this policy is to define accepted practices, responsibilities and procedures for the use of personallyowned mobile devices, including mobile phones, smart phones and tablets, that the indiana office of technology iot authorizes to connect to enterprise systems. This policy outlines requirements for byod usage and establishes the steps that both users and the it department should follow to initialize, support, and. Johnson, 2011 successfully implementing a mobile device policy is critical to the success of a byod initiative, this covers the entire. Device loss devices used to transfer or transport work files could be lost or stolen. What is byod bring your own device byod refers to technology models where students bring a personally owned device to school for the purpose of learning. To provide a sample policy for chambers on personallyowned devices used by members of staff and pupils scope of application.
The byod working group assembled sample policies in use at agencies to help inform it leaders who are considering developing a byod program for their agencies. Mar 19, 2017 this policy outlines requirements for byod usage and establishes the steps that both users and the it department should follow to initialize, support, and remove devices from company access. Background to this policy corporate it departments face two challenges when contemplating a byod policy. Pros and cons of a bring your own device byod policy. Bring your own device policy university of strathclyde. Employee is responsible for obtaining and paying for all other technical support services from their mobile communications provider or device manufacturer. They can update company data, prepare documents, and participate in webin ars away from the office. While the document specifically addresses federal agencies, it provides a highresolution view of byod policies including the conceptual framework and alternative models for implementation. Byod policy allowing staff to use their favorite devices while cutting costs. Bring your own device byod policy bring your own device.
The students parent will be contacted and they will need to come into school to collect the device. Bring your own device byod policy state library of nsw. Policy and procedures for use of personally owned mobile. Bring your own device byod programs call for three critical components. Obviously would need to edit and update some information but may be. It is committed to supporting staff in this practice and ensuring that as few. The security policy implemented may include, but is not limited to, policy elements such as passcode, passcode timeout, passcode complexity and encryption. Page includes various formats of byod policy sample for pdf, word and excel. This it manager daily article provides a sample byod policy template that organizations can adapt to suit their needs.
A personally owned device is any technology device brought into the school and owned by a student or the students family, staff or guests alberta education, 2012. However, here are some crucial aspects which every byod policy must, at the very minimum, answer. Bring your own device policy and rules of behavior. It services policy itp03 bring your own device byod policy. Any member of staff found to have deliberately breached the act may be.
Use of personally owned devices for university work. Encrypt documents or devices as necessary see protection of information held on mobile devices and encryption policy. Oct 03, 2012 a comprehensive byod policy requires the collaboration of hr and benefits, upper management, finance, legal if your company has one and, of course, it. Nov 17, 2017 byod bring your own device policies and best practices. It is provided only as an exemplar and is not intended to be used without modification to fit your particular operational situation. Bring your own device policy 1 introduction the university of strathclyde recognises the benefits that can be achieved by allowing staff to use their own electronic devices when working, whether that is at home, on campus or while travelling. This document outlines a set of practices and requirements for the safe use of mobile devices and applications. A security policy template enables safeguarding information belonging to the organization by forming security policies. The purpose of this document is only to provide a sample guideline and a framework for generating a mobile device policy for your clients use. Do not forget that an important component of any policy is audit and ongoing monitoring of compliance.
It is important for your policy to be professional, and you can use a byod policy sample to help you keep things simple and professional. Users must accept that, when connecting the personal mobile device to state ofindiana resources, iots security policy will be enforced on the device. This document and sample policy has been prepared by the bar council to assist barristers on matters of information security. Its probably different for your firm than the next. With respect to such equipment andor services, employees neither have a right of privacy nor an expectation of privacy, with respect to the use of equipment andor services. This publication provides recommendations for securing byod devices used for telework and remote access, as well as those directly attached to the enterprises own networks. How to draft the right byod policy for your law firm. An audit of existing policy may be the place to start. This is not a comprehensive policy but rather a pragmatic template intended to serve as the basis for your own policy.
Byod utilization in business allows employees to work from anywhere they have a network connection. Is the institutional technology acceptable use policy sufficient. Below is a sample byod policy template that organizations can adapt to suit their needs include additional details where it makes sense. After opening with a paragraph or two about how your company is granting byod privileges for the convenience and productivity of employees, as well as a statement that the security of the businesss data and technology infrastructure is of the utmost importance, the sections of a boilerplate byod policy could include the following. Byod policy sample download free documents for pdf, word. Through the help of a byod policy sample, you will be able to write up something that will allow your employees to know what is required of them and what you want to see happen in the workplace.
Security services including policy management, password management and remote wiping in case of loss, theft, device failure, device upgrade or change of ownership. Byod bring your own device policies and best practices. It is important that users connecting their own devices to your it systems clearly understand their responsibilities. Chief information officer as part of a broader analysis of byod. Having a clearly set byod policy beforehand, signed by all employees, goes a long way in demonstrating that your office has done its due diligence. This sample byod policy differs from the policyies governing use of organizationprovided equipment andor services.
416 1319 746 1068 1485 1374 50 193 425 1137 112 1062 209 1494 1264 1338 1256 294 416 1332 436 500 1150 776 943 317 636 783 1046 1453 231 1200 854 455