I don't see anything special in this post for BYOD. These are things that every organization should be doing to protect their data. Personally I don't think these steps go far enough. One of my pet peeves is network infrastructure. If your network infrastructure is compromised then there is very little you can do to protect your network. Use accounts that are not tied to any type of computer account. Only allow changes from boxes physically located on site. Monitor activity to critical data. Only use encrypted protocols for access to network devices. Monitor network configurations for changes (tripwire offers a framework for doing this). This may sound a little draconian, but the network layer is used to segment and protect the rest of the network. If it's compromised then all other security is in doubt.