Collection

Bring Your Own Device Guidance

Risk management guidance for the use of personally owned devices for remote working

This collection was withdrawn on 9 June 2016

This content has been moved to the NCSC website: https://www.ncsc.gov.uk/guidance/byod-executive-summary

• From: CESG and Centre for the Protection of National Infrastructure
• Published: 26 September 2014
• Last updated: 13 March 2015 — See all updates

This guidance is for organisations considering a ‘Bring Your Own Device’ (BYOD) approach, and describes the key security aspects to consider in order to maximise the business benefits of BYOD whilst minimising the risks. It also provides a useful reminder for those already implementing a BYOD approach. It should be used to inform risk management decisions for BYOD deployments, and is particularly relevant for public sector organisations operating at OFFICIAL.

• For security advice relating to specific mobile platforms, please consult the End User Devices Security Guidance.
• For further information on security practices for a range of mobile devices, please consult CPNI’s Mobile Device Documentation.

This guidance applies to any type of BYOD software product running on a personally owned device, including:

• container applications on personally owned smartphones
• bootable USB media on home PCs
• remote desktop or remote application products

We refer to ‘BYOD product’ throughout to mean any one of these products.

This is an ALPHA release. Please send any questions or feedback to enquiries@cesg.gsi.gov.uk, or complete our online survey.

Published 26 September 2014
Last updated 13 March 2015 + show all updates

1. 13 March 2015

   Added Good Technologies

2. 6 October 2014

   Incorporated Planning BYOD and Implementing BYOD guidance sets

3. 26 September 2014

   First published.