Bring Your Own Device (BYOD) Standard
This standard establishes accepted practices, responsibilities and procedures for the use of personally owned mobile devices that West Virginia University authorizes to connect to enterprise systems. This standard defines the user requirement, and provides guidance for the secure use of mobile endpoint devices, including mobile phones, smartphones and media tablets.
December 18, 2012
The following controls must be applied to mobile devices that connect directly to
the WVU network and/or access WVU-owned data:
1.1. A minimum of passcode security should be active on the device
1.2. The WVU Login account password must be changed when a device is lost or stolen. The ITS Service Desk should be contacted to review alternatives specific to the device and user for further measures to prevent data exposure.
1.3. Devices that are jailbroken, "rooted" or have been subjected to any other method of changing built-in protections are not permitted to access WVU resources
1.4. Vendor-issued updates and patches must be applied.
1.5. Users must take appropriate precautions to prevent others from obtaining access to their mobile device(s). Users will be responsible for all transactions made with their credentials, and must not share individually assigned passwords or other credentials.
Violation of or non-compliance of this standard will be addressed in accordance with established university disciplinary policies and procedures, as issued and enforced by the appropriate authorities. Failure to comply with this or other related standards may result in disciplinary action up to and including termination of one’s employment or studies.
Exceptions to IT Standards will be considered using the IT Standard Exception Procedure.
Dec. 18, 2012 - Initial Version Approved
Questions, concerns or additional information about this and any ITS policy should be directed to the CIO office at CIO@mail.wvu.edu.