Risk management guidance for the use of personally owned devices for remote working
This guidance is for organisations considering a ‘Bring Your Own Device’ (BYOD) approach, and describes the key security aspects to consider in order to maximise the business benefits of BYOD whilst minimising the risks. It also provides a useful reminder for those already implementing a BYOD approach. It should be used to inform risk management decisions for BYOD deployments, and is particularly relevant for public sector organisations operating at OFFICIAL.
- For security advice relating to specific mobile platforms, please consult the End User Devices Security Guidance.
- For further information on security practices for a range of mobile devices, please consult CPNI’s Mobile Device Documentation.
This guidance applies to any type of BYOD software product running on a personally owned device, including:
- container applications on personally owned smartphones
- bootable USB media on home PCs
- remote desktop or remote application products
We refer to ‘BYOD product’ throughout to mean any one of these products.