Page 634 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide

boarding and off-boarding procedures. Mobile device onboarding
               includes installing security, management, and productivity apps along
               with implementing secure and productive configuration settings.
               Mobile device off-boarding includes a formal wipe of the business data
               along with the removal of any business-specific applications. In some
               cases, a full device wipe and factory reset may be prescribed.


               Adherence to Corporate Policies

               A mobile device policy should clearly indicate that using a personal
               mobile device for business activities doesn’t exclude a worker from
               adhering to corporate policies. A worker should treat mobile device
               equipment as company property and thus stay in compliance with all
               restrictions, even when off premises and off hours.


               User Acceptance

               A mobile device policy needs to be clear and specific about all the
               elements of using a personal device at work. For many users, the
               restrictions, security settings, and MDM tracking implemented under
               company policy will be much more onerous than they expect. Thus,
               organizations should make the effort to fully explain the details of a
               mobile device policy prior to allowing a personal device into the
               production environment. Only after an employee has expressed
               consent and acceptance, typically through a signature, should their
               device be on-boarded.


               Architecture/Infrastructure Considerations

               When implementing mobile device policies, organizations should
               evaluate their network and security design, architecture, and
               infrastructure. If every worker brings in a personal device, the number
               of devices on the network may double. This requires planning to
               handle IP assignments, communications isolation, data-priority
               management, and increased intrusion detection system
               (IDS)/intrusion prevention system (IPS) monitoring load, as well as
               increased bandwidth consumption, both internally and across any
               internet link. Most mobile devices are wireless enabled, so this will
               likely require a more robust wireless network and dealing with Wi-Fi