BYOD Policy Template Released

In a continuing effort to create a set of standard procedures that CIOs can implement to meet the challenges they face due to emerging technologies and processes, Janco Associates has added a Bring-Your-Own-Device Policy to its CIO Infrastructure Policy bundle.

The BYOD policy addresses the issues associated with sensitive data on personal devices, how they are backed up, secured and destroyed when needed. In addition, the policy addresses what to do when an employee leaves, either voluntarily or involuntarily. An added feature is an Access and Use Agreement, which addresses all the legal issues that arise out of the electronic access of employee data by an employer.

“As the use of personal mobile devices expands, IT executives are faced with the dilemma that either they support the use of personal mobile devices and maintain some control, or the devices will be used and their companies will be at risk for data breaches and non-compliance with mandate requirements," Janco CEO Victor Janulaitis said. “Blocking access to the wealth of resources available to personal devices inhibits productivity and competitiveness. At the same time allowing access without a set of rules puts the enterprise and its resources at risk.”

The policy and its electronic form have been added to the CIO Infrastructure Policy bundle and meets all of the mandated requirements of HIPPA, ISO, SOX, Gramm-Leach-Bailey, Electronic Communication Privacy Act (Stored Communications Act).

The CIO Infrastructure Policy bundle contains 14 policies:

Backup and Backup Retention Policy

Blog and Personal Web Site Policy

Access and Use Policy

Incident Communication Policy

Internet, Email, Social Networking, Mobile Device, and Electronic Communication Policy

Mobile Device Access and Use Policy

Outsourcing Policy

Patch Management

Record Management, Retention, and Disposition Policy

Sensitive Information Policy

Service Level Agreement Policy

Networking Policy

Telecommuting Policy

Travel, Laptop, PDA and Off-Site Meeting Policy.

For reprint and licensing requests for this article, click here.
Analytics Data and information management Compliance Core systems Policy adminstration Security risk
MORE FROM DIGITAL INSURANCE