Device Security Center

The behavioral security requirements of the BYOD policy are not listed on the device registration form, but they are very important to keeping client information secure. Following are some helpful instructions and tutorials for how to make small changes to your behavior that will support the security of clients and your practice.

1) Never connect to untrusted WiFi

WiFi is everywhere, but it’s a bit shocking just how unsecure most WiFi is.

Very importantly: avoiding untrusted WiFi isn’t just important when you are accessing practice systems or working with client information. Using untrusted WiFi can easily cause your device to get infected or cloned (that’s where a bad guy makes a virtual copy of your phone, essentially.)

Devices that contact client information need to be protected from these harmful situations. So they should never be connected to WiFi that you can’t trust. For that reason, BYOD devices should only be connected to approved WiFi at practice facilities, and to home WiFi where you have set up a secured branch of your WiFi that is not shared with anyone else, including guests.

In cases where you do not have access to trusted WiFi and you need to access the Internet, the best solution is to use your phone’s data plan. If you need to use a computer, your phone can usually be set up to act as its own private WiFi hotspot. That is a very reliable way to make sure you always have trustworthy WiFi for your BYOD devices.

2) When traveling with a device, always carry it with you

We know it is tempting to leave devices in the car while you run into the store, but that is one of the most common ways that devices get stolen and data breaches occur. Even when we put computing devices in the car’s trunk, historical data shows us that they get stolen frequently enough that a car trunk isn’t quite safe enough for the needs of mental health professionals.

So when traveling with BYOD devices, always carry them with you.