| title | description | category | tags | permalink |
|---|---|---|---|---|
| BYOD Policy | | policies | | go.dbits.ca/dd/byod-policy |
BYOD Policy
1. Purpose
The purpose of this policy is to ensure the security and confidentiality of company data in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA) when accessing company resources from personal devices.
2. Scope
This policy applies to all clients of digiBandit IT Services and their employees who wish to access company resources (including email, files, and applications) on personal devices such as cell phones, laptops, or tablets.
3. Policy
3.1. Device Registration and Approval
- Employees must seek approval from their respective managers or IT administrators before accessing company resources on their personal devices.
- Approved devices must be registered with digiBandit IT Services’ IT management system.
3.2. Security Requirements
- All personal devices used to access company resources must have up-to-date antivirus software and security patches.
- Devices must be equipped with strong passcodes or biometric locks.
- Device encryption must be enabled to protect stored data.
- Lost or stolen devices must be reported immediately to IT administrators.
- A device policy will be installed to provide IT administrators access to lock or wipe the device remotely.
3.3. Data Access and Storage
- Access to sensitive or confidential data from personal devices is strictly controlled and monitored.
- Storing company data on personal devices is prohibited unless encrypted and approved by IT administrators.
- Use of cloud services to store or share company data must comply with PIPEDA regulations and company policies.
3.4. Remote Wipe and Device Management
- digiBandit IT Services reserves the right to remotely wipe company data from personal devices if they are lost, stolen, or if the employee leaves the company.
- The remote wipe will be focused on company data and will strive to avoid personal data; however, employees should be aware of the potential risk of data loss.
3.5. Compliance and Monitoring
- Device usage may be monitored to ensure compliance with this policy.
- Non-compliance may result in revoking the privilege of accessing company resources from personal devices.
4. Procedure
4.1. Request for Access
- Employees submit a written request to their manager and IT administrator for access to company resources on a personal device.
4.2. Device Assessment and Registration
- IT administrators assess the device for security compliance.
- Upon approval, the device is registered in the IT management system.
4.3. Security Setup
- IT administrators guide employees through setting up necessary security measures like encryption and passcodes.
4.4. Access Provisioning
- Limited access to company resources is provisioned based on employee roles and needs.
- Employees are trained on how to access and handle company data securely.
4.5. Ongoing Monitoring and Compliance
- Regular audits are conducted to ensure ongoing compliance.
- Employees are reminded periodically about the policy and any updates.
5. Acknowledgment
Employees are required to sign an acknowledgment form stating that they have read, understood, and agreed to abide by this policy.