Cybersecurity Reference > Glossary
Bring Your Own Device (BYOD)
Bring Your Own Device, or BYOD, is an acronym that refers to the use of personal hardware in corporate settings.
The term may refer to corporate policies that allow such use, to the devices that employees actually use under such policies, or to the illicit or unapproved use of personal devices in corporate settings without detection.
BYOD is a resonant phrase because it invokes both strong negative and strong positive responses, depending on setting and involved parties.
Positives under permissive BYOD policies include the facts that organizations save on hardware purchase and maintenance costs, and that users are often more productive when working with devices and computing environments that are familiar and personally tailored.
Negatives under permissive BYOD policies include the facts that user resistance to security measures is often increased, that support overhead is often increased, and that regulatory compliance may in many cases be significantly more difficult to maintain.
In practice, BYOD policies frequently allow for the use of personal devices to check work email, connect with work chat apps, and provide mobile-based two-factor and multi-factor authentication, though often with various restrictions or configuration requirements. More general BYOD policies that permit everyday company work to be carried out entirely on personal devices are less common, and associated with higher levels of risk and complexity.