Bring Your Own Device (BYOD) Policy
|
Version No. |
Date Change Made |
New Version No. |
Changes Made By (initial) |
Comment |
|---|---|---|---|---|
|
00.01 |
May 2018 |
|
HW |
New policy for GDPR |
|
|
|
|
|
Reviewed at Full Council 16.3.2020 Agenda item 9.5 |
|
|
May 2021 |
|
HW |
Added requirement for AV software |
|
|
Jun 2021 |
|
|
Reviewed at Full Council 14.6.2021 Agenda item 9.7 |
Contents
1. Introduction
1.1 Macclesfield Town Council grants Councillors and Officers the use smartphones and tablets of their choosing for council business.
1.2 This policy is intended to protect the security and integrity of personal data controlled and processed by Macclesfield Town Council.
1.3 Macclesfield Town Council reserves the right to revoke this privilege if Councillors and Officers do not abide by the policies and procedures outlined below.
1.4 Macclesfield Town Council Councillors and Officers must agree to the terms and conditions set forth in this Bring Your Own Device (BYOD) policy in order to be able to connect their devices to the company network.
2. Devices and Support
2.1 Smartphones including iPhone, Android, Blackberry and Windows phones are allowed
2.2 Tablets including iPad and Android are allowed
2.3 Laptops are allowed
2.4 Connectivity issues may be supported by ICT services but this will be on a case by case basis. In the first instance the connectivity issue should be reported to the Clerk.
2.5 The device manufacturer or their carrier should be contacted for operating system or hardware-related issues.
3. Security
3.1 In order to prevent unauthorized access, devices must be password protected using the features of the device and a strong password is required to access the company network.
3.2 Passwords must be at least six characters and a combination of upper- and lower-case letters with a number and a symbol.
3.3 Passwords must be kept confidential and must not be shared with family members or third parties.
3.4 Passwords must be changed if it is disclosed to another person or discovered.
3.5 Devices must have anti-virus software installed and kept up to date.
3.6 Devices must be encrypted
3.7 The device must lock itself with a password or PIN if it’s idle for five minutes.
3.8 Home Wi-Fi networks must be encrypted. Caution must be exercised when using public Wi-Fi networks as public Wi-Fi networks may not be secure.
3.9 Public data backup and transfer services (Dropbox, Google Drive, must not be used
3.10 Data must only be stored on internal memory, never on a removable memory card
3.11 Rooted (Android) or jailbroken (iOS) devices are strictly forbidden from accessing the network.
3.12 All data relating to Macclesfield Town Council will be erased at the end of a Councillor’s term or in the case of an Officer at the end of his or her employment.
3.13 All data relating to Macclesfield Town Council will be erased if there is a personal data breach
3.14 All data relating to Macclesfield Town Council will be erased if there is a virus or similar threat to the security of data.
3.15 Care must be taken to avoid using approved devices in a manner which could pose a risk to confidentiality, whether by clicking on links in suspicious emails, accessing potentially harmful websites, using potentially harmful application software, using Wi-Fi facilities in public places (e.g. coffee shops or airports), or otherwise. Some apps for smartphones and tablets may be capable of accessing sensitive information.
4. Risks/Liabilities/Disclaimers
4.1 Lost or stolen devices must be reported to Macclesfield Town Council within 24 hours. Councillors and officers are responsible for notifying their mobile carrier immediately upon loss of a device.
4.2 Councillors and officers to adhere to the Macclesfield Town Council’s BYOD policy as outlined above.
4.3 Councillors and officers are personally liable for all costs associated with his or her device.
4.4 Macclesfield Town Council reserves the right to take appropriate disciplinary action up to and including termination for noncompliance with this policy.