back to checklists

How to Approach Bring Your Own Device (BYOD)

BYOD stands for “Bring Your Own Device,” which refers to employees bringing their own mobile, tablet, laptop, or other computer devices to work. As personal smartphones are ubiquitous in our lives, many employees expect to use personal smartphones and mobile devices at work.

BYOD poses potential security and organizational challenges, especially since it is not realistic for most employers to demand employees leave their mobile devices at home. BYOD security can be addressed by having IT provide detailed security requirements for each type of personal device used in the workplace and connected to the organization’s network. This policy is often best paired with an organization’s Acceptable Use Policy.

  • Understand the legal ramifications based on who owns the device and the distinction between different types of data.

  • Understand the repercussions, and consider the worst case scenarios.

  • Specify what types of devices are permitted.

  • Establish a security policy for each device

  • Ensure employees understand and are aware of the BYOD Policy and who to contact if questions arise concerning the policy or the use of their personal device.

  • Clearly define each party’s rights regarding the device and data on the device.

  • Consider whitelisting or blacklisting certain applications.

  • Create an "Acceptable Use Policy"

  • Create an "Employee Exit Policy"


back to checklists

The Office of Privacy and Data Protection announces beta testing of “Privacy Modeling,” a new web application that identifies the privacy laws relevant to the product or service you wish to create.

Go to Privacy Modelling App

Something went wrong. Please try again.