Techrunner
asked on
Sample BYOD and MDM Policy
Hello Everyone
We are medium size healthcare hospital. One of my task is to develop BYOD policy and implement an MDM in our organization. We have chosen to go with Meraki MDM Solution
We don't have a BYOD policy yet hence looking for creating one. So if anyone can point into the right direction, how should policy look like. Should we allow BYOD ? If yes, what requirements should be considered for secured access?
Currently, we allow users to use personal devices (laptops, tablets, phones etc) to connect with SSL VPN and Exchange email.
How do you manage personal devices with MDM ?
I would appreciate it if anyone can advise the best for a hospital setup considering compliance
We are medium size healthcare hospital. One of my task is to develop BYOD policy and implement an MDM in our organization. We have chosen to go with Meraki MDM Solution
We don't have a BYOD policy yet hence looking for creating one. So if anyone can point into the right direction, how should policy look like. Should we allow BYOD ? If yes, what requirements should be considered for secured access?
Currently, we allow users to use personal devices (laptops, tablets, phones etc) to connect with SSL VPN and Exchange email.
How do you manage personal devices with MDM ?
I would appreciate it if anyone can advise the best for a hospital setup considering compliance
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks the article is very informative.Is it possible to share any sample policy ?
Do Google search you ll find some templates.
http://www.itmanagerdaily.com/byod-policy-template/
https://qesp.org/article/australian-government-guidance-on-enterprise-mobility-and-byod/
http://cdn2.hubspot.net/hub/445439/file-2042247754-pdf/images/Sample-BYOD-Policy-Template.pdf%3Ft=1468565447264
http://www.thecyberadvocate.com/wp-content/uploads/2015/04/BYOD-Policy-Template.pdf
https://cp.labtechsoftware.com/assets/marketing_materials/pdf/mobility_byod_policy.pdf
https://www.e-janco.com/byod-policy.htm
http://www.itmanagerdaily.com/byod-policy-template/
https://qesp.org/article/australian-government-guidance-on-enterprise-mobility-and-byod/
http://cdn2.hubspot.net/hub/445439/file-2042247754-pdf/images/Sample-BYOD-Policy-Template.pdf%3Ft=1468565447264
http://www.thecyberadvocate.com/wp-content/uploads/2015/04/BYOD-Policy-Template.pdf
https://cp.labtechsoftware.com/assets/marketing_materials/pdf/mobility_byod_policy.pdf
https://www.e-janco.com/byod-policy.htm
ASKER
Is it safe to mention this in policy;
Please give suggestions
Please give suggestions
BYOD devices will be onboard to BYOD network through Registration Portal. Employees can use personal devices to establish an SSL VPN connection, which will check device compliance against NAC policies before granting access to the VPN network. However, no direct access to IT resources from the BYOD machine. Access will be made available through a secure connection to RDS Gateway and Remote Apps.
This should be well written in your policy. The information security policy will provide the basic guidelines under which the security organization will operate. The information security policy should state management’s commitment and set out the organization’s approach to managing information security.
ASKER
But my above mentioned is good approach?
But my above mentioned is good approach? Yes.
Apply security awareness training and develop a cyber-security culture within your organization.
Apply security awareness training and develop a cyber-security culture within your organization.
ASKER
Thanks