How to Plan a BYOD Security Policy for Schools

Written by Danny Mareco Danny Mareco | February 3, 2014 | Read Time: 2 mins

Table of contents

Back to top

Education facilities are almost in unanimous agreement that mobile device policies are important specifically when those mobile devices are not owned by the school.  The most common rationale around writing a proper BYOD security policy includes:

BYOD security policy, byod wireless network design, wifi service providers,
  • Bringing about a compliance with standards and laws

  • Bringing about a greater awareness of threats

  • Enabling the mobility users (employee or student)

  • Protecting the organization’s sensitive information

  • Supporting IT innovation

  • Bringing about knowledge of changes in IT support strategy

Right now a common practice for BYOD users is a requirement for users to sign a user agreement.  Signing a user agreement is good, but as an overall written policy simply isn’t enough when, for example, the question gets raised: how will this agreement be monitored?  A proper completed policy outline should in some way include the following:

A Defined Outline of Financial Responsibilities:

Who is paying for the plans & devices? 

byod security policy, byod in schools, school wireless network design,

Device Requirements

What are the minimum device requirements the school  will allow?  What types of devices are allowed to access the network?  Which operating systems are supported? 

Personal Data vs. Organizational Data

How will the personal data be stored and segmented in comparison to the organizational data?  Will cloud based management be used?  See also, “4 Dangers of Cloud Managed Wireless Solutions.”

Policy Education

How will employees or students be educated on said policies? Define a timeline for phased in educational approach of policies and deployments and make sure these questions are thought out appropriately:  What do users need to know and when?  What resources are needed to help educate and train? Who will implement training and stand behind consequences of broken policy agreements?

Support Capabilities

Determine all support capabilities and define specific roles for support staff:  Are the implementations able to be self- supported?  What role will the support staff play in help desk capabilities? Which services are required for help desk employees?  What managed system needs to be implemented if support staff capabilities are not there? 

Acceptable Use Policy

A defined Acceptable Use Policy and enforcement plan:  A signed user agreement, as mentioned above, is essential and should be included in the policy standards and procedures.  Include a defined list of consequences and clarified staff in place to enforce written rules.

A proper policy, when put in place, can be an integral step in mitigating risk as a school moving toward a BYOD solution.  If your school is considering a BYOD implementation and you have questions or would like a free BYOD Readiness consultation, please contact us here.  We have helped schools all over the country and our goal is to be a resource for you.  

banner offering free download of wireless network design kit

Related Posts

See all posts