Once you've decided whether or not your department will be more restrictive in its implementation of SPG 601.33, you will need to document your decision, and inform people in your department what is expected of them.
Email Sample Copy
It is recommended that you communicate the decision in writing (for example, in a department-wide email message). The following sample email communications may be modified for use within your department:
Additional communication about the personally owned device policy and your department decision is encouraged to reinforce the policy and promote safe computing. Several visual resources and graphics were developed and are available to support and enhance your communication efforts. You are invited to review and download any or all of the resources to use within your department.
Website Sample Copy
Suggested copy for your department’s internal website. Modify as appropriate.
A new university policy permits U-M staff to use their properly managed and secured personally owned devices to access sensitive university data when necessary in the course of their work. [Insert department or unit name] will follow the policy and its supporting guidance [with an additional restriction[Link]].
Follow the links below to review what is expected of you, and to learn how to help minimize the risk to university data as well as your own personal information.
- Video: Secure Your Devices: For You and the U
- Security of Personally Owned Devices That Access or Maintain Sensitive Institutional Data (SPG 601.33)
- [Insert link to additional restriction(s) if applicable]
- Sensitive U-M Data on Personal Devices
- Secure Your Devices
- Safely Use Sensitive Data
- Safe Computing website
Following policy roll out, you are encouraged to survey your staff to measure roll out success and gauge staff understanding of the new policy.