ICT acceptable use policy

Bring your own device

Bring Your Own Device (BYOD) means using your personally owned device to access council data.

You must use one of our supported BYOD solutions:

  • accessing Microsoft 365 through a web browser
  • accessing Microsoft 365 applications on your device using our BYOD software.

BYOD is optional.  Your device must meet certain criteria before being allowed to access our data.

Technical support will be limited to our BYOD software and systems.

To ensure security of the device and council data is maintained, we may monitor usage of BYOD devices.  Monitoring includes:

  • the make and model of devices in use
  • the version of the operating system currently installed

Devices which no longer meet the expected criteria will result in BYOD services being withdrawn.

To use BYOD software, you must allow the installation of council-controlled software.  Corporate controls are restricted to council-owned data and managed services only, for example:

  • remote wiping of council data and apps
  • access revocation to council data

To ensure additional risks are managed, technical controls are in place.  These controls may prevent you from undertaking some activity, for example restrictions on the transfer of council data out of the BYOD software.

You will be required to undergo multi-factor authentication.

We retain ownership and responsibility for the data.

You must:

  • ensure access to your device is controlled by using a password or a PIN
  • keep your device and system passwords secure
  • use biometric features on the device, where possible
  • have automatic device lockout enabled
  • keep your operating system and software updated
  • encrypt your device
  • ensure you are not overlooked when using the device
  • report lost or stolen devices as soon as possible to the IT service desk
  • inform the IT service desk if you leave the council
  • inform the IT service desk if your device is:
    • infected with malicious software
    • subject to a cyber-attack

You must not:

  • share your passwords
  • make copies of data or take screenshots
  • attempt to bypass security controls or modify BYOD software
  • jailbreak or root your device
  • try to access systems for which they are not authorised
Print this document