Guidelines for Bring Your Own Device (BYOD)

BYOD guidelines

HKU will continue to promote a security-conscious culture and conducting regular security audits and assessments for compliance and to protect sensitive information. Whenever you use a non-corporate device for work purposes, ie your personal devices including smartphones, tablets, laptops not managed by corporate, please follow BYOD (bring-your-own-device) policy as additional layer of security and for compliance requirements to access work-related data and applications.

It’s always a reminder that your responsibility to comply with HKU privacy statement, code of practice and not to misuse HKU assets and information collected or stored in BYOD equipment.

  • Limit corporate data access using corporate device managed (comply with ITS) and use BYOD when necessary however comply with BYOD policy to corporate data
  • Avoid public Wi-Fi when accessing HKU network
  • Execute MFA at all times (when ready)
  • MacOS devices must be registered with Apple ID
  • Secure all internet connections, including home Wi-Fi network
  • Restrict personal applications on work devices
  • Technical measures would be implemented for BYOD equipment where HKU assets and information are stored for no purpose or mis-used

Policy Enforcement

  • DPO/ITS will initiate BYOD policies. Individual faculty / department is requested to manage BYOD end point devices to strengthen university wide data protection and security.
  • Additional measures include data access restrictions on applications, device disposal or decommissioning policy will be implemented for further notice.


Multi-Factor Authentication

February 2024
February 2024

Mandatory for all staff accounts

May 2024
May 2024

Mandatory for all student accounts