Bring Your Own Device (BYOD) Policy
|Policy Approval Authority||President|
|Responsible Division||Division of Information Technology|
|Responsible Officer(s)||Chief Information Security Officer|
|Contact Person||Fred Williams email@example.com|
|Date Submitted to Policy Library Committee||09-25-2019|
|Proposed Adoption Date||11-01-2019|
|Effective Adoption Date||11-01-2019|
|Last Review Date||03-22-2021|
Finance / Risk Management
Northern Illinois University (NIU) grants its employees the privilege of purchasing and using smartphones, tablets, laptops or other mobile devices of their choosing at work for their convenience. NIU reserves the right to revoke this privilege if users do not abide by the policies and procedures outlined below.
This policy is intended to protect the security and integrity of NIU’s private or restricted data and technology infrastructure. View NIU’s data classification guidelines for more information on what constitutes private or restricted data (link: https://doit.niu.edu/doit/about/policies/data-classification.shtml).
Limited exceptions to the policy may be granted due to variations in devices and platforms.
Acceptable UseNo matter the device in use, all NIU students, faculty and staff must abide by NIU’s Acceptable Use Policy (link: https://www.niu.edu/policies/policy-documents/acceptable-use-policy.shtml.
• All mobile devices such as laptops, tablets, smartphones, or USB-connected drives and devices used to view, process, or store NIU private or restricted data must be encrypted. Most modern smartphones are encrypted by default, but many laptops are not. The Division of Information Technology (DoIT) recommends Microsoft Bitlocker for Windows laptops and Apple’s FileVault for Mac laptops.
• All mobile devices used to view or process NIU private or restricted data must have the ability to be remotely wiped in case of loss, theft, or NIU detects a data breach and exfiltration of NIU private or restricted data.
• In order to prevent unauthorized access, devices must be password protected using the features of the device and a strong password is required to access the company network.
• The device should lock itself with a password or PIN if it’s idle for no more than fifteen minutes.
• All due diligence must be used to keep personal use from work use on the same device or across devices. One of the best ways to accomplish this is to create and use a completely separate user account for work purposes only. If a separate account cannot be created for work use, then maintain separate web browsers for work and personal use. Do not sync a personal web browser account with a work account or device.
Reimbursement for Personal Devices• At management discretion, NIU offers cellphone stipends for employees who are required to use personal smartphones for work purposes. (link: https://www.niu.edu/policies/policy-documents/cellular-service-stipend-policy.shtml
Risks and Disclaimers• While NIU will take every precaution to prevent the employee’s personal data from being lost in the event it must remote wipe a device, it is the employee’s responsibility to take additional precautions, such as backing up email, contacts, photos, music, etc.
• NIU reserves the right to block individual devices from accessing the NIU wired or wireless networks.
• Lost or stolen devices used to view or process NIU private or restricted data must be reported to NIU within 24 hours by submitting an incident at https://it.niu.edu or calling the IT Service Desk at 815-753-8100. Employees are responsible for notifying their mobile carrier immediately upon loss of a device.
There are no comments to show.
- Policy Categories
- Board of Trustees
- Campus Safety / Security
- Ethics & Conduct
- Facilities / Real Estate
- Faculty & Academics
- Finance / Risk Management
- Governance / Administration
- Human Resources / Employment
- Information Technology
- Marketing & Communication
- Research Ethics / Intellectual Property
- Student Affairs
- Sponsored Funding/Grants and Contracts