1.0 Overview
Bring your own device (BYOD) is the act of using a personal computing device (computer, tablet, phone, etc.) for work or business related activities. Florida Institute of Technology does not require employees to use personal equipment for business operations. Those employees who wish to use their personal devices must abide by the policy below. Florida Institute of Technology is not responsible for the purchase or costs associated with use of personally owned devices. In response to an increase in personally owned devices being used in the work environment, Florida Institute of Technology has established an official Bring Your Own Device (BYOD) policy.
2.0 Purpose
This policy defines the appropriate use and procedures for using personally owned computing devices on the Florida Tech network and the storage of intellectual property, sensitive data or University licensed software.
3.0 Scope
This policy applies to employees, faculty, students, guests and any other user that utilizes the network or computing resources provided by Florida Institute of Technology for business related activities with a personally owned device such as:
In some cases, these restrictions may be lifted by other official policies pertaining to certain staff, systems, or processes.
4.0 Policies
Faculty, staff and students who choose to participate in BYOD must abide by this policy and all University policies while using a personally owned device on the Florida Institute of Technology network. Additional key mandatory policies when using personally owned devices include but are not limited to: IT-1001 Acceptable Use Policy, IT-1003 Transmission and Use of Sensitive Information, IT-1004 Securing Sensitive Information, IT-1005 Unsupported Operating Systems, IT-1008 Software Installation Policy and IT-1009 Support of Faculty and Staff Personal Computer Equipment. All Information Technology policies are available on the IT website: https://policy.fit.edu/.
Employees who participate in the BYOD policy must:
5.0 Devices and Support
All devices connected to the Florida Institute of Technology network are required to adhere to the Acceptable Use Policy. Devices must be registered under the users account and be current on all software updates and anti-virus solutions. Users are also required to follow the Policy on Digital Millennium Copyright Act (DMCA). IT may, without notification, prevent or ban any personally owned device which disrupts any University Computing resource or are used in a manner which violates any University policy.
Technical support for personally owned computing devices is limited to the following:
Examples of support services that will not be provided, but not limited to:
6.0 User Responsibilities
As a user of Information Technology resources you have the following responsibilities:
7.0 Risk, Liabilities and Disclaimers
Employees who elect to participate in BYOD accept the following risks, liabilities and disclaimers:
7.1 Reimbursement
Computer technology purchased for personal use will not be reimbursed by the University. This includes all hardware, software, licenses, and technology services, including repair or technical support services purchased with personal funds, regardless of intended use.
8.0 Enforcement
Employees and other persons employed by the university found to have violated this policy will be subject to disciplinary action based on the nature of the offense up to and including termination of employment.
Students and guests that are found to have violated this policy will be subject to disciplinary action based on the nature of the offence including but not limited to loss of network and computing access, and other actions the university administration deems appropriate.
9.0 Definitions and additional policies
Term |
Definition |
Up-to-date Anti-virus Protection |
Virus Protection with definitions that are no more than 10 days old |
Personally Identifiable Information |
Defined by the NIST Special Publication 800-122: “any information about an individual maintained by an agency, including (1) any information that can be used to distinguish or trace an individual‘s identity, such as name, social security number, date and place of birth, mother‘s maiden name, or biometric records; and (2) any other information that is linked or linkable to an individual, such as medical, educational, financial, and employment information” |
Sensitive Information |
Any information that can be used to identify you or another person. Examples include: personal information, medical records, financial information, University administrative computer data (employee records, student records, electronic documents that contain confidential information), passwords and account details, and research data. |
|
|
Additional Policies referenced and related to the Bring Your Own Device (BYOD) Policy:
10.0 Updates and Changes
Changes to this policy must be reviewed by the Information Technology Vice President. Once the Information Technology Vice President approves the wording and contents of the policy, this document must be reviewed and approved by the Information Technology Executive Committee before being put into effect.
Once approved, faculty, students and staff will be notified that the IT Bring Your Own Device (BYOD) policy is changing through postings to Fitforum and Facforum and the staff/faculty distribution lists. This posting does not need to contain the entire text of the IT Bring Your Own Device Policy, but the notice must indicate where copies of the policy may be reviewed.
New versions of this policy will take effect no sooner than 21 days after the approval of the policy by the Information Technology Executive Committee.