In this step you’ll associate users and groups with a specific network according to the policy you have defined. For example, Dr. John Smith, Emergency Department physician, wants to use his iPad to access medical records. Thus you need to assign a unique identifier (such as a MAC address) to identify his device, identify the owner (Dr. Smith), specify an SSID that identifies the wireless network, and specify the physical Access Point(s) from which that network can be accessed. This could involve specifying the following using the NAC tool: Ten Steps to Secure BYOD These “Who/What/Where/When” specifications that define network access for Dr. John Smith can now be carried over, with suitable modifications, to other emergency room physicians and doctors on other hospital units. 6. Educate your employees about the BYOD policy Now that you’ve built out your BYOD policy, you want to make sure that employees understand it, as well as the reasoning behind it. They also need to understand that the policy will be enforced. A lesson that Bradford Networks has learned from over 10 years of securely on-boarding all types of mobile devices – first in the education market and now in the mainstream – is that effective communication with employees is essential for BYOD to succeed. Most security issues that companies face are caused by users who are unaware of the rules that the enterprise puts in place, or the risks of ignoring them. You want to educate and engage them so the BYOD initiative will be a success. And since employees are going to buy personal devices and receive them as gifts, you want to be sure they know which devices to get.