Mobile device and BYOD policies
Assign topic to the user
Answer:
A Mobile device policy refers to any portable device, owned or not by the organization, while a BYOD policy refers to devices not owned by the organization (e.g., owned by employees, visitors, outsourced consultants, etc.), either fixed (e.g., PCs) or mobile (e.g., cellphones and tablets).
Another difference is that the main purpose of a mobile device policy is to prevent unauthorized access to these devices, while the BYOD aims to protect information bring access through devices not owned by the organization.
You can take a look on how policies which handle these issues look like at these links:
- Bring Your Own Device (BYOD) Policy https://advisera.com/27001academy/documentation/bring-your-own-device-byod-policy/
- Mobile Device and Teleworking Policy https://advisera.com/27001academy/documentation/mobile-device-and-teleworking-policy/
These articles will provide you further explanation about mobile devices and BYOD:
- How to write an easy-to-use BYOD policy compli ant with ISO 27001 https://advisera.com/27001academy/blog/2015/09/07/how-to-write-an-easy-to-use-byod-policy-compliant-with-iso-27001/
- How to apply information security controls in teleworking according to ISO 27001 https://advisera.com/27001academy/blog/2021/10/27/how-to-use-iso-27001-to-secure-data-when-working-remotely/
Comment as guest or Sign in
Feb 12, 2019