BYOD | Bring your own Device

BYOD | Bring your own Device

Please excuse me, the English website is still under construction.

grüner Hintergrund mit Laptop und Smartphone

Question time on BYODDownload area FAQ on BYOD

Info page on the policy on the use of private IT devices (BYOD) and business IT devices, including mobile IT devices

TU Braunschweig wants to enable its employees to work flexibly and therefore promotes the use of mobile IT devices.

The use of work devices for private purposes and the use of private devices for work purposes has not been permitted to date due to data protection, information security and employment law requirements. With the "BYOD policy", TU Braunschweig enables mixed use and protects its employees from personal liability.

On this website you will find additional information on the guideline Dealing with private IT devices and business IT devices, including mobile IT devices. The guideline applies together with Service Agreement No. 54 for all employees of TU Braunschweig and for all types of IT devices, such as computers, notebooks, smartphones and tablets.

Basic safety measures

TU Braunschweig is obliged to use only state-of-the-art IT devices in all organisational units (OUs) and for all employees in order to minimise the risk of an IT security incident. All devices used for official purposes must therefore fulfil certain requirements (excerpt and examples):

  • Devices must have a password lock and automatically lock when inactive.
  • Only software from trustworthy sources (e.g. manufacturer's website or GITZ) may be installed.
  • Updates to the operating system and installed software must be carried out regularly.
  • Storage media (e.g. hard drives) must be encrypted.
  • An internet connection may only be established via secure connections.
  • The loss of devices must be reported immediately.

How can a private device be used for business purposes?

In principle, the OU management must authorise this use.

A supplementary agreement to the employment contract is also required. In this agreement, employees undertake to, among other things:

  • to take the above-mentioned security measures,
  • strictly separate business and private data on the device,
  • hand over all work-related data and delete it from the device when the employment relationship ends or the private device is changed,
  • to grant the office access to the device in the event of an IT security incident (in compliance with the GDPR and the protection of private data).

Access to the device and the official data by the department only takes place in accordance with the information security regulations in the event of information security incidents in the context of hazard prevention and for technical clarification and, if necessary, by order of the relevant state investigating and supervisory authorities, as well as if necessary in the event of data protection enquiries and data protection incidents in accordance with the EU GDPR.  Of course, all applicable laws are observed during the inspection. Service Agreement No. 54 on this topic also ensures the involvement of the Staff Council and the protection of employee rights.

How can a business device be used for private purposes?

In principle, authorisation from the OU management and a supplementary agreement to the employment contract are also required here.

The above-mentioned security measures are set up by GITZ for centrally managed devices. In the case of decentrally managed devices, the administration can provide advice or configure them directly. Employees must ensure that

  • private and business data are strictly separated on the device and
  • private data is completely deleted when the device is returned.

Question time on BYOD

The CISO staff unit and the Staff Council are jointly organising a digital Q&A session in Webex on the directive on the use of private IT devices (BYOD) and business IT devices, including mobile IT devices, and the associated service agreement no. 54.

You can attend one of the sessions without registering.

Please log in to see the dates.

Download area

Here you will find the policy on the use of private IT devices (BYOD) and business IT devices, including mobile devices

Here you will find the service agreement no. 54 - Concretisation of the guideline on handling private IT devices (BYOD) and business IT devices including mobile IT devices at the Technische Universität Braunschweig.

FAQ on BYOD at the TU Braunschweig

Here you will find frequently asked questions and the corresponding answers.

This section is constantly being expanded and updated.