Faculty work on a computer together.

This summer, BYU-Idaho updated its technology use and security policy for all university employees. With the safety of students and employees in mind, the IT Department revised the existing policy to align more closely with that of other Church Educational System institutions.

The update provides university employees with device and computer security tips, including protecting devices with antivirus software.

“Of course, we would encourage employees to know the policy—to study up on it,” said BYU-Idaho IT Chief Information Officer Joe McWilliams. “There are certainly many good practices in there that could extend into our own personal lives.”

In 2018, the Church Educational System consolidated its security operations center in Provo, Utah, to assist the IT teams at BYU, BYU-Idaho, and BYU-Hawaii.

“The creation of the technology use and security policy was a joint venture with them so that we can be unified in our security policy,” McWilliams said. “For the most part, we have the same policies and direction.”

While the university has had an active technology use and security policy, it was necessary to update some of the language and terminology to keep up with the changes in technology.

“Some of the terms that we use get a little bit outdated, and we have to update some of those things,” McWilliams said.

The format was also updated. Before, there was a brief section of policy followed by many associated documents and standards. McWilliams said it could be a bit unwieldy at times, making it hard to know what was policy and what wasn’t.

“One of the goals here was to bring it all together in one cohesive document that could be approved in President’s Council,” McWilliams said. “That way, everyone could be on the same page, and it could then be published to our new policy library.”

The BYU-Idaho technology use and security policy didn't change too much besides the new formatting and the closer alignment to Provo’s security policy.

“The changes aren’t revolutionary, but it’s healthy for us to review and redraft this type of policy—especially in a world where technologies change over time, and we want to make sure our policies keep up with those changes and the latest best practices for how to protect ourselves and our data,” McWilliams said.