Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Spotlight: The Cybersecurity and Privacy of BYOD (Bring Your Own Device)

Animation shows hands holding a phone showing the word "Connect," then an inbox, then a game screen.
Credit: NIST

Why lug around a second cellphone for business when your employer lets you use your own? That’s the convenience behind the “Bring Your Own Device” (BYOD) movement in many U.S. workplaces, but what makes life easier can also carry risks.

Here are some stats to get our conversation going (courtesy of Finances Online and Forbes):

  • More than 95% of orgs allowed the use of personal devices for work even before the pandemic. 
  • 86% of IT managers say mobile attacks are growing more frequent.

The threat to privacy and security is real, but what can device users and IT managers do? 

Turn to NCCoE. NIST’s National Cybersecurity Center of Excellence (NCCoE) specializes in real-world IT security needs, creating guidance for specific kinds of businesses.

NCCoE has a newly updated BYOD Practice Guide that highlights the capabilities of both iOS and Android devices. That means employers can ensure all their staff members are protecting the organization’s data when using their personal devices.

The guide is also good for fans of the zero trust approach, which assumes a system will be breached and designs security as if there is no perimeter. Trust isn’t granted to devices solely based on their physical/network location or who owns them.

Most of the guide may be aimed at the C-suite, but NCCoE has resources for individual device users too. Learn how to avoid getting hooked by a phishing scam, the potential dangers to your privacy, and more.

Follow us on social media for more like this from all across NIST!

Released December 1, 2022, Updated December 7, 2022