This paper addresses the
APT issue via spear phishing attacks within BYOD environment, through the mediation provided by security
policies. The devising of Mandatory Access Control (MAC) security policies using ACPT includes the
implementation of environment attributes along with the specification of proposed policy rules for organizations is
proven to be the most suitable policy mechanism for BYOD environment.