The purpose of this standard is to empower USG staff to innovate and work on USG business more effectively inside and outside the office. Based on research at other enterprises, greater productivity and employee satisfaction should result from establishing a prudent BYOD standard that empowers employees to work on personally-owned devices while protecting the confidentiality, integrity, and availability of USG data.
This standard intends to balance the use of personally-owned devices while preventing USG data from being deliberately or inadvertently stored insecurely on a device or carried over an insecure network where it could potentially be accessed by unauthorized resources. Such a breach could result in loss of information, damage to critical applications, financial loss, and damage to the USG’s public image. Therefore, all users employing a personally-owned device connected to a USG network, and/or capable of backing up, storing, or otherwise accessing USG data of any type, must adhere to USG-defined policies, standards, and processes.