Bring Your Own Device Guidance

Risk management guidance for the use of personally owned devices for remote working

This collection was withdrawn on

This content has been moved to the NCSC website:

This guidance is for organisations considering a ‘Bring Your Own Device’ (BYOD) approach, and describes the key security aspects to consider in order to maximise the business benefits of BYOD whilst minimising the risks. It also provides a useful reminder for those already implementing a BYOD approach. It should be used to inform risk management decisions for BYOD deployments, and is particularly relevant for public sector organisations operating at OFFICIAL.

This guidance applies to any type of BYOD software product running on a personally owned device, including:

  • container applications on personally owned smartphones
  • bootable USB media on home PCs
  • remote desktop or remote application products

We refer to ‘BYOD product’ throughout to mean any one of these products.

This is an ALPHA release. Please send any questions or feedback to, or complete our online survey.

Published 26 September 2014
Last updated 13 March 2015 + show all updates
  1. Added Good Technologies
  2. Incorporated Planning BYOD and Implementing BYOD guidance sets
  3. First published.