digiBandit/digiDocs
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
digiDocs/Policies/BYOD_Bring_Your_Own_Device.md
dbits-db def3405e39 Reorganize into subfolders for easier navigation 
Structure:
- Services/ (22 docs) - Device mgmt, VoIP, MDM, etc.
- Products/ (10 docs) - dataBack, Huntress, BitWarden, etc.
- Security/ (6 docs) - Cyber insurance, PAM, awareness
- Backup/ (4 docs) - Recovery, disaster planning
- Policies/ (7 docs) - BYOD, user mgmt, credentials
- Legal/ (5 docs) - MSA, agreements, warranties
- Getting Started/ (8 docs) - Welcome, contact, tickets
2026-01-24 17:13:47 -04:00

39 lines
2.3 KiB
Markdown
Raw Blame History

# BYOD (Bring Your Own Device)
> For the complete policy details, see [BYOD Policy](./BYOD_Policy.md).
## **Purpose**
Ensure the security and confidentiality of company data in alignment with the Personal Information Protection and Electronic Documents Act (PIPEDA) when accessing company resources via personal devices.
## **Scope**
Applicable to all clients and their employees of digiBandit IT Services intending to access company resources (e.g., email, files, applications) on personal devices like cell phones, laptops, or tablets.
## **Policy Highlights**
- **Device Registration and Approval:** Employees must gain approval and register their devices with digiBandit IT Services' IT management system before accessing company resources.
- **Security Requirements:** Mandates up-to-date antivirus software and security patches on personal devices, alongside strong passcodes or biometric locks and enabled device encryption.
- **Data Access and Storage:** Enforces controlled access to sensitive data and prohibits unencrypted company data storage on personal devices. Cloud storage must comply with PIPEDA and company policies.
- **Remote Wipe and Device Management:** Authorizes digiBandit IT Services to wipe company data from personal devices remotely under specific conditions to protect sensitive information.
- **Compliance and Monitoring:** Stipulates device usage monitoring for policy compliance, with potential revocation of company resource access for non-compliance.
## **Procedure Overview**
- **Request for Access:** Employees must submit a request to managers and IT administrators for personal device access to company resources.
- **Device Assessment and Registration:** IT administrators will assess device security compliance before registration in the IT management system.
- **Security Setup:** Administrators will assist employees in implementing necessary security measures, such as encryption and passcodes.
- **Access Provisioning:** Based on roles and needs, limited access to company resources is granted, with training provided on secure data handling.
- **Ongoing Monitoring and Compliance:** Regular audits and periodic policy reminders are included to ensure continuous compliance.
## **Acknowledgment**
Employees must acknowledge understanding and agreement to adhere to the policy.
Reference in a new issue View git blame Copy permalink