This BYOD Policy sets out what types of electronic devices of their own employees may use at work (smartphones, tablets, mobile phones, PCs etc.), what these devices may be used for, when they may be used, what apps may be used, data security, support and handling, and data loss/theft.
An ever growing number of companies are allowing employees to use their own electronic devices such as smartphones, laptops and tablets at work rather than using equipment supplied by the company. This practice is often referred to as "bring your own device" (BOYD).
BYOD has risks and benefits for an employer: employees may be more productive using devices of their own choosing and it may reduce company costs. On the other hand, the IT staff may be required to support a wider range of devices and operating systems, the organisation has less control over what applications are on employee-owned devices, the risk of a security breach and/or loss of corporate data is higher, and a wide range of non-standard devices may cause infrastructure problems.
This BYOD policy template allows employers to specify what type of devices employees may bring from home and use at work, when they may be used, and what apps are allowed and disallowed. The underlying principle is that the employee retains ownership and responsiblity for maintenance and support of the device, with connectivity issues support by the company's IT department. The employee is required to keep company and personal data separate and is reposible for keeping company data secure and confidential.
The employee is required to agree to the terms of the policy in order to use personal devices at work and disciplinary action may result if terms of the policy are breached. An acceptance clause is included in the BYOD policy template that can be used to record the employee's acceptance of the terms.
Even employers that don't actively encourage BYOD may find that their staff use non-corporate devices at work all the same and may wish to put a BYOD policy, such as this one, in place to have control over the use of such devices on the corporate network.
This BYOD Policy is suitable for use in England, Scotland and Wales and covers the following:
- devices and support
- definition of acceptable use
- security of systems
- incidents and response
- data control and monitoring
- liability and disclaimers
- disciplinary action.