BYOD Policy Template Includes two (2) electronic forms 1) BYOD Access and Use Agreement and 2) Mobile Device Security and Compliance Checklist
BYOD include consumer SmartPhones and tablets which are making their way into your organization. Going mobile makes employees happier and more productive, but it’s also risky. How can you say ‘yes’ to a BYOD choice and still safeguard your corporate data, shield your network from mobile threats, and maintain policy compliance?
With the advent of Bring-Your-Own-Device - BYOD and the ever increasing mandated requirements for record retention and security, CIOs are challenged to manage in a complex and changing environment.
If your enterprise does not have a BYOD policy, then two types of things are happening:
- BYOD blocked and your company is losing productivity associated with an employee making use of a BYOD or your company is paying for each employees access device.
- BYOD are already accessing your corporate network, with or without your knowledge, and you are not doing anything to ensure that this is being done securely and is not in compliance with mandated federal, state, local, and industry requirements.
BYOD Policy Template meets all mandated compliance requirements
The author, in concert with a number of world class enterprises had created a BYOD Policy Template that addresses these issues and provides solutions for the following questions:
- What are the legal implication of BYOD - What is the impact of the Stored Communication Act - Record Retention and Destruction?
- What happens to the data and audit trail on a BYOD when an employee leaves the company?
- What about a lost or stolen BYOD?
- How is the BYOD configured to receive and transmit corporate data?
- What kind of passwords are acceptable to use on a BYOD?
- What kind of encryption standards are acceptable for BYOD?
- What types of BYOD are allowed and what types are not?
- What about jail broken, rooted or compromised BYOD?
The purpose of the BYOD Policy Template is to define standards, procedures, and restrictions for end users who have specific and authorized business requirements to access enterprise data from a BYOD connected via a wireless or unmanaged network outside of ENTERPRISE’s direct control. This applies to, but is not limited to, all BYOD and media that fit the following device classifications:
- Laptop/notebook/tablet computers
- Ultra-mobile PCs (UMPC)
- Mobile/cellular phones
- Home or personal computers used to access enterprise resources
- Any mobile device capable of storing corporate data and connecting to an unmanaged network
The BYOD Policy applies to any BYOD, hardware and related software, that could be used to access enterprise resources when the equipment is not approved, owned, or supplied by ENTERPRISE.
Bring-Your-Own-Device - BYOD usage increasing
A growing number of enterprise employees using BYOD - ranging from ad hoc work from home due to temporary family situations to full-time tele-work/home work arrangements. In fact, a recent survey found that 23% of enterprises (companies with 1,000 or more employees) responded that a significant portion of employees spend 20% or more of their working time working away from the office.
- More enterprises support regular telecommuting. On average, 17% of employees at North American enterprises report having employees who spend at least 20% of their work time away from their normal work desk or work from home. This compares with an average of 14% of employees at the European enterprises.
- European employers are more conservative than others about use of BYOD.
- Size doesn't play a big role in an enterprise's decision to support BYOD. At companies with between 1,000 and 4,999 employees surveyed, an average of 16% of employees telecommuter one or more days per week, compared with an average of 14% of employees at firms with between 5,000 and 19,999 employees, and an average of 18% of those working for organizations with 20,000 or more employees.
- Firms with regular telecommuters have even more frequent travelers.
Bring Your Own Device (BYOD) Access and Use Policy
- Components of the BYOD Strategy and Basics for BYOD Policy
- Device Choices
- User Experience and Privacy
- Trust Security Compliance
- Application Design and Infrastructure
- Internal marketing and training
- Device Requirements
- Policy Definitions
- Access Control
- Help & Support
- Enterprise Mobile Device Infrastructure
- BYOD Infrastructure
- Disaster Recovery
- Tablet Computer (iPads)
- Internal Network Access
- Repair Procedure
- Upgrade Procedure
- Patching Policy
BYOD Security Best Practices
- Security Controls
- Remote BYOD Management
- Access Management Controls
- Tablet and Smartphone Applications
- BYOD Metrics and SLA Agreement
- Executive management
- Business unit executives
- IT organization
- Record Retention
- BYOD Access and Use Agreement Form
- BYOD and Mobile Content Best of Breed Security Checklist
- Mobile Device Security and Compliance Checklist