Bring Your Own Device Guidance

This document collection was withdrawn on 9 June 2016

This content has been moved to the NCSC website:

Risk management guidance for the use of personally owned devices for remote working


This guidance is for organisations considering a ‘Bring Your Own Device’ (BYOD) approach, and describes the key security aspects to consider in order to maximise the business benefits of BYOD whilst minimising the risks. It also provides a useful reminder for those already implementing a BYOD approach. It should be used to inform risk management decisions for BYOD deployments, and is particularly relevant for public sector organisations operating at OFFICIAL.

This guidance applies to any type of BYOD software product running on a personally owned device, including:

  • container applications on personally owned smartphones
  • bootable USB media on home PCs
  • remote desktop or remote application products

We refer to ‘BYOD product’ throughout to mean any one of these products.

This is an ALPHA release. Please send any questions or feedback to, or complete our online survey.