The stance of the Information Security Office within DotCIO is that access to Rensselaer data and systems for business operations should only be through Rensselaer owned and managed devices with appropriate security controls and configurations.   Please review the Information Classification Policy; by policy, personally-owned devices cannot not be used to store confidential data.  

Even if you are not accessing confidential data, personal devices introduce serious cybersecurity risks to Institute resources.  Personal devices do not have centrally managed endpoint security, logging, and other controls in place for us to detect and react to threats efficiently or effectively.