Includes specific metric definitions for SLAs and a Balanced Scorecard
Bring Your Own Device Policy updated to to meet Disaster Recovery, Business Continuity and Corporate Intellectual Property Requirements
BYOD Policy- Bring Your Own Device - BYOD Policy Template as a bonus has three (3) electronic forms and three (3) full IT job descriptions:
- BYOD Access and Use Agreement
- Mobile Device Security and Compliance Checklist
- Mobile Device Access and Use Agreement
- Manager BYOD Support
- BYOD Support Supervisor
- BYOD Support Specialist
BYOD includes consumer SmartPhones and tablets which are being used in your organization. Going mobile makes employees happier and more productive, but it's also risky. How can you say ‘yes' to a BYOD choice and still safeguard your corporate data, shield your network from mobile threats, and maintain policy compliance?
With the advent of Bring-Your-Own-Device - BYOD and the ever increasing mandated requirements for record retention and security, CIOs are challenged to manage in a complex and changing environment.
If your enterprise does not have a BYOD policy, then two types of things are happening:
- BYOD blocked and your company is losing productivity associated with an employee making use of a BYOD or your company is paying for each employees access device.
- BYOD are already accessing your corporate network, with or without your knowledge, and you are not doing anything to ensure that this is being done securely and is not in compliance with mandated federal, state, local, and industry requirements.
BYOD Policy Template meets all mandated compliance requirements
Janco, in concert with a number of world class enterprises had created a BYOD Policy Template that addresses these issues and provides solutions for the following questions:
- What are the legal implication of BYOD - What is the impact of the Stored Communication Act - Record Retention and Destruction?
- What happens to the data and audit trail on a BYOD when an employee leaves the company?
- What about a lost or stolen BYOD?
- How is the BYOD configured to receive and transmit corporate data?
- What kind of passwords are acceptable to use on a BYOD?
- What kind of encryption standards are acceptable for BYOD?
- What types of BYOD are allowed and what types are not?
- What about jail broken, rooted or compromised BYOD?
The purpose of the BYOD Policy Template is to define standards, procedures, and restrictions for end users who have specific and authorized business requirements to access enterprise data from a BYOD connected via a wireless or unmanaged network outside of the direct control. This applies to, but is not limited to, all BYOD and media that fit the following device classifications:
- Laptop/notebook/tablet computers
- Ultra-mobile PCs (UMPC)
- Mobile/cellular phones
- Home or personal computers used to access enterprise resources
- Any mobile device capable of storing corporate data and connecting to an unmanaged network
The BYOD Policy applies to any BYOD, hardware and related software, that could be used to access enterprise resources when the equipment is not approved, owned, or supplied by ENTERPRISE.
Bring-Your-Own-Device - BYOD usage increasing
A growing number of enterprise employees using BYOD - ranging from ad hoc work from home due to temporary family situations to full-time tele-work/home work arrangements. In fact, a recent survey found that 23% of enterprises (companies with 1,000 or more employees) responded that a significant portion of employees spend 20% or more of their working time working away from the office.
- More enterprises support regular telecommuting. On average, 17% of employees at North American enterprises report having employees who spend at least 20% of their work time away from their normal work desk or work from home. This compares with an average of 14% of employees at the European enterprises.
- European employers are more conservative than others about use of BYOD.
- Size doesn't play a big role in an enterprise's decision to support BYOD. At companies with between 1,000 and 4,999 employees surveyed, an average of 16% of employees telecommuter one or more days per week, compared with an average of 14% of employees at firms with between 5,000 and 19,999 employees, and an average of 18% of those working for organizations with 20,000 or more employees.
- Firms with regular telecommuters have even more frequent travelers.
BYOD Policy Template - It is 23 pages in length. It contains everything that an enterprise needs to implement a functioning and compliant mobile device and use process. Included are forms defining the mobile device environment.
BYOD Policy Template Elements of Security
As the traditional enterprise boundaries begin to fade, it is paramount that BYOD and the sensitive information they contain be managed and protected. As a result, security perimeters must also expand beyond the internal network to these numerous critical endpoints.
BYOD Policy Template Management
Management within organizations becomes more complex and important as both the number of BYOD and the amount of sensitive data stored on the BYOD increases. A lost or stolen BYOD may compromise the critical data stored on it, unless there are processes and tools in place to protect it.
BYOD Policy Template Asset Discovery and Inventory
The first step in securing your mobile organization network is the identification of the current inventory of BYOD and OS clients that exist within your infrastructure. Next, you must integrate the BYOD that have been identified in this process into your existing asset inventory database. Consider the following as you develop or update your BYOD asset inventory:
- How will you identify the BYOD assets?
- What are the related assets to this mobile device, for example, additional memory cards?
- How do you identify the asset owner and the business purpose of each device?
See also Mobile Device Security