---
title: BYOD (Bring Your Own Device)
description: > For the complete policy details, see [BYOD Policy](./BYOD_Policy.md).
category: policies
tags: [policies]
---

# BYOD (Bring Your Own Device)

> For the complete policy details, see [BYOD Policy](./BYOD_Policy.md).

## **Purpose**

Ensure the security and confidentiality of company data in alignment with the Personal Information Protection and Electronic Documents Act (PIPEDA) when accessing company resources via personal devices.

## **Scope**

Applicable to all clients and their employees of digiBandit IT Services intending to access company resources (e.g., email, files, applications) on personal devices like cell phones, laptops, or tablets.

## **Policy Highlights**

- **Device Registration and Approval:** Employees must gain approval and register their devices with digiBandit IT Services' IT management system before accessing company resources.

- **Security Requirements:** Mandates up-to-date antivirus software and security patches on personal devices, alongside strong passcodes or biometric locks and enabled device encryption.

- **Data Access and Storage:** Enforces controlled access to sensitive data and prohibits unencrypted company data storage on personal devices. Cloud storage must comply with PIPEDA and company policies.

- **Remote Wipe and Device Management:** Authorizes digiBandit IT Services to wipe company data from personal devices remotely under specific conditions to protect sensitive information.

- **Compliance and Monitoring:** Stipulates device usage monitoring for policy compliance, with potential revocation of company resource access for non-compliance.

## **Procedure Overview**

- **Request for Access:** Employees must submit a request to managers and IT administrators for personal device access to company resources.

- **Device Assessment and Registration:** IT administrators will assess device security compliance before registration in the IT management system.

- **Security Setup:** Administrators will assist employees in implementing necessary security measures, such as encryption and passcodes.

- **Access Provisioning:** Based on roles and needs, limited access to company resources is granted, with training provided on secure data handling.

- **Ongoing Monitoring and Compliance:** Regular audits and periodic policy reminders are included to ensure continuous compliance.

## **Acknowledgment**

Employees must acknowledge understanding and agreement to adhere to the policy.