Skip to main content

Storage on Private PCs (BYOD Policy)

Personal devices (laptops, mobiles) are common in field operations but pose risks like loss/theft in emergencies.

Guidelines

  • Approval: Register devices with IT; use only for AHEEN work.
  • Security Measures:
    • Full-disk encryption (e.g., BitLocker/FileVault).
    • MFA for access; auto-lock after 5 minutes.
    • Install antivirus; avoid public Wi-Fi without VPN.
    • Remotely wipe lost devices.
  • Data Handling:
    • Store minimal data locally; prefer cloud sync with encryption.
    • No use of personal email/cloud for AHEEN data.
  • Best Practices from ICRC/UoN:
    • Treat devices as extensions of organizational systems; delete data post-use.
    • Train on physical security (e.g., lock devices in camps).
    • Prohibit unencrypted storage of sensitive files.
Device Type Minimum Requirements
Laptops Encryption, VPN, regular backups to secure server.
Mobiles App-based MFA; end-to-end encrypted apps (e.g., Signal for comms).
USB Drives Encrypted; labeled for destruction after use.

Prohibitions

No BYOD for highly sensitive data without DPO approval; report lost devices immediately.

No comments to display

Back to top