Essential guide to agency-issued phones and BYOD policies

Mobile devices are used for nearly everything from text messages to sending emails to collecting digital evidence from a crime scene. When law enforcement uses any device, including a smartphone whether it’s bring your own device (BYOD) or a agency-issued phone, they must follow the protocols set out by the FBI’s Criminal Justice Information Services (CJIS) compliance for mobile device security and adhere to the CJIS MFA requirements that go into effect October 1, 2024.  

Access to law enforcement data from anywhere is critical for public safety agencies—and for many officers that typically involves using smartphones whether it is their own or an agency-issued phone. Typically, agency-issued phones and devices end up in the hands of commanders and administrators, while personnel in the field usually rely on their own devices or smartphones.¹

There are advantages and disadvantages of BYOD which agencies and organizations must consider. One advantage of BYOD is that if you are a part-time, full-time or a volunteer first responder, you have the ability to use your personal device. However, it's paramount to adhere to security requirements, compliance policies, and productivity. Challenges associated with BYOD policies should be compared to the many benefits of using agency-issued phones and devices.
 

Why use agency-issued phones for public safety?

The vast majority of public safety personnel, about 88%, use smartphones on a daily basis, according to the Verizon Frontline 2023 Public Safety Communications Survey.² These devices can be an important source of real-time mission-critical information and help enable officers to benefit from uninterrupted workflows as they transition from the field to the office.

Smartphones are especially valuable for public safety personnel, like police officers who work on foot, by bicycle, motorcycle, in plainclothes or in other scenarios where a traditional vehicle and in-vehicle computer are not options.³ The bottom line is that police officers need to be mobile to do their job effectively, which usually means they need a smartphone with its advanced features that help provide efficient public safety communications.

In fact, modern 5G-enabled smartphones can provide a range of specialized features and applications designed for first responders. This includes:

• Seamless communication with land mobile radio (LMR) users
• Language translation
• Emergency alerting if an officer is in a foot chase or has been injured
• Officer-specific geolocation
• Access to real-time video surveillance
• Access to records management systems and criminal justice databases
• Access to reports and documentation of incidents (Camera/Photos)
• Mobile computer-aided dispatch (CAD)
• On-scene information collection and field-based reporting
• First-aid guides
   

BYOD policies advantages and disadvantages for public safety

For many organizations, BYOD is a fair option when backed by a robust BYOD policy covering mobile security requirements such as acceptable use, encryption, password security and other CJIS requirements.

Public safety, and law enforcement in particular, is a unique case because devices are frequently used in potentially life-threatening situations where communication is key. Also, because law enforcement devices are used to both store and access highly sensitive data like CJI or PII, they are likely of great value to cybercriminals and organized crime gangs. Which is why security is a top concern for law enforcement agencies.

Mobile Device Management (MDM) helps organizations track and manage mobile devices that are connecting to your organization’s network or CJIS systems. The cloud-based platform features flexible, customer-defined policy management functions that cover a variety of settings to manage mobile devices like multifactor authentication (MFA) which is required as of CJIS security policy 2024. MDM provides administrators the capability of remotely locking or erasing the memory of a lost, stolen or compromised device. CJIS Security policy requires MDM solutions.
 

BYOD policy and security challenges

Data leaks and ransomware are becoming more prevalent as shown in recent news. Beyond identity cloning where a cybercriminal could impersonate law enforcement, other cyberattacks could include ransomware which deploys malicious software to block access to computers or networks in return for money, network intrusions in which a bad actor gains unauthorized access to computers and networks and more.

Across all public safety agencies, 43% of first responders feel completely or somewhat unprepared for a cyberattack, according to Verizon’s Public Safety Communications Survey.⁵

When law enforcement uses any device that accesses criminal data, they must follow the protocols set out by the FBI’s CJIS compliance for mobile device security. All data that is transmitted or stored on a device must be encrypted.

BYOD creates the possibility that an officer’s personal phone and any personal information stored in the device, could potentially be retained as evidence and therefore subject to discovery in court proceedings. This makes BYOD a challenge for law enforcement.
 

BYOD considerations

When it comes to a BYOD policy, public safety agencies should consider these BYOD advantages and disadvantages around security, technology control and productivity:⁴
 

Heightened security risks

BYOD policy security challenges include:

• Exposure of personally identifiable information (PII) related to officers and personal contacts, especially if a BYOD device and its contents become evidence and subject to discovery in court proceedings
• Non-compliance with CJIS security requirements, such as regular software/security updates, multi-factor authentication (MFA), encryption and agency-controlled mobile device management (MDM)
• Risks associated with exposing confidential police communications or sensitive information on personal devices
• Security risks of officers or family members visiting risky sites, downloading malicious apps, clicking on phishing links or using unsecured Wi-Fi
   

Limited technology control

A BYOD policy may limit the ability to effectively manage devices, such as:

• Limited management and control of devices owned by officers
• Challenges over deciding where responsibility lies for securing devices against threats and remediating incidents
   

Reduced productivity

A BYOD policy may also impact public safety agencies' ability to effectively carry out their duties, for example:

• Inability to use law enforcement applications for improved situational awareness and fieldwork
• Challenges with the "discovery" of information relevant to a particular case, which may sit alongside personal information like photos and contacts
• Officers may lose access to a personal device due to information on that device potentially being subpoenaed for information under case and Freedom of Information (FOIA) requests⁶
   

Why choose agency-issued phones and devices?

Agency-issued smartphones offer enhanced security and functionality for agencies and first responders. CJIS compliance also includes being enrolled in an agency-controlled mobile device manager (MDM) and encryption for all work-related data transmitted or stored on a device. Additionally, here are five benefits of using agency-issued smartphones for public safety:⁷

1. Access to priority features guarantees better network connectivity and quality of service (QoS), even during natural disasters and major incidents
2. Improved safety, reliability and efficiency
3. Enhanced officer productivity and safety through a wide range of  department-approved applications designed to support their work in the field
4. Secure communication of sensitive information compared to LMR use
5. Privacy, security and other operational risk mitigation related to the routing of law enforcement calls to personal phones, and the provision of personal phone numbers to suspects, witnesses and victims
    

Access to priority features like wireless priority services (WPS)

Wireless Priority Service (WPS) provides voice priority for wireless public safety communications for authorized agency personnel that support critical infrastructure and emergency services during emergencies. WPS enables users to have reliable communications they need to fulfill their missions. WPS can be leveraged on both agency-issued phones and by personal devices (BYOD). In both cases, the devices have to apply through the Department of Homeland Security (DHS). The Verizon Frontline First Responder Benefits Program offers WPS at no additional cost to First Responders.

The Verizon network was built right to support, recognize and prioritize first responders on the front line, ensuring that public safety communications receive priority. Verizon offers a comprehensive range of mobility services for public safety customers built on America's most reliable 5G network.⁸ Verizon also offers a discount program with exclusive offers only for our First Responders.

Learn why more than 40,000 agencies already rely on Verizon Frontline for its mission-critical solutions.