Bring your own device (BYOD)
Bring your own device (BYOD)

The following Risk & Compliance guidance note provides comprehensive and up to date legal information covering:

  • Bring your own device (BYOD)
  • What is BYOD?
  • Key risks and benefits of BYOD?
  • Protecting against security risks
  • Choosing the right technical solution—security
  • Monitoring employees and/or remotely accessing employees' devices
  • Information and transparency
  • Loss of employees' data
  • Data protection impact assessment (DPIA)
  • The consequences of getting it wrong

What is BYOD?

'Bring your own device' (BYOD) refers to arrangements where an organisation allows designated employees to connect to its corporate IT network using their own communications devices, for specific, work-related purposes. These arrangements will most commonly apply to use by staff of their personal devices for work. However, the term ‘BYOD’ may also be used in other situations, such as access to an educational institution’s network by its students or access to an organisation’s network by its customers or business partners, as a way to exchange and update information. BYOD arrangements may cover a range of devices, including laptops, tablets and smartphones.

This Practice Note focuses on BYOD in the employment relationship.

Key risks and benefits of BYOD?

Key risk or benefit Potential benefits Potential downsides and risks
Cost savings There is a cost savings for the organisation:
—in not having to invest in procurement, replacement and management of devices for employees
—depending on the arrangements for sharing costs, in relation to service charges (where employees may be compelled to use devices more responsibly)
The organisation will still need