The main goal of any IT security policy is to protect confidentiality, integrity, and availability (CIA) of data. With that said, one reason to have the BYOD security policy is to identify devices that introduce unnecessary vulnerabilities to the organization's computing resources. Address how timely discovery of such vulnerabilities will reduce the attack vector on an organization's computing resources.