Bring Your Own Device Policy (BYOD)

Introduction

The following policy has been developed to promote a suitable and secure working environment. Therefore, all employees and Parish Councillors are required to follow the rules stated in this policy when using the Parish Councils IT systems, network, WiFi, email and/or internet facilities.

The Parish Council will enforce this policy in order to protect those in its care, on its property or using its IT Services.

Aim, Purpose and Scope

The purpose of this Bring Your Own Device (BYOD) Policy is to establish the rules which govern the use of devices belonging to employees and Parish Councillors which are used in connection with Parish Council work and/or used to send and/or receive email communication regarding the Parish Council.  Such devices include, but are not limited to, smart phones, tablets, laptops, portable hard drives, USB sticks or any other fixed or mobile computing device.

The Parish Council reserves the right to refuse, prevent or withdraw access to email services where it considers there to be an unacceptable security, or other risk.

Responsibilities:

  • Anyone using a BYOD must ensure that the operating system and security software (anti-virus) is kept up to date at all times.
  • Anyone using a BYOD must ensure that the equipment is password protected with a secure password of at least 8 digits and ideally with multi-factor authentication.
  • It is the responsibility of the employee/Parish Councillor  to ensure all devices they use are compliant with this requirement.
  • All communication on behalf of the Council must be conducted in a respectful, appropriate and professional manner.
  • If your BYOD is a shared device, eg family laptop, it is your responsibility to ensure that the Parish Council email system and any documents held on the device are securely password protected.
  • The Parish Council remains the owner of the data.
  • If you suspect your device has been infected by malware, you must immediately stop using it for Parish Council work and notify the Parish Clerk and Chair and not access Council documents/emails until such time as the malware has been removed.
  • If the employee/Parish Councillor leaves, all Parish Council data must be deleted from BYOD and confirmation that this has happened must be emailed to the Parish Clerk and Chair.
  • If an employee/Parish Councillor’s device is end of life and cannot receive security patches it must not be used for work purposes.
  • Anyone using a BYOD will need to co-operate should it be necessary to access or inspect the device. The Parish Council reserves the right to access BYODs where it is suspected that there has been a security breach or a breach of any Parish Council policy.
  • The Parish Council takes no responsibility for supporting, maintaining, repairing, insuring or otherwise funding BYODs. The Parish Council will not be responsible for any loss or damage resulting from any support given or advice provided.

Consequences of Breaching this Policy

Failure to comply with this policy will be dealt with under the terms of the relevant disciplinary procedure and may result in disciplinary action and/or notification to the relevant law enforcement agencies.

The Parish Council also reserves the right to withdraw access from all or part of its IT systems, network, WiFi, email and/or internet facilities where it reasonably believes that this policy is being contravened.

This Policy was adopted in February 2026