Gartner for IT Leaders Tool [Organization Name] Mobile Device Policy and Procedures for Personally Owned Devices: BYOD Program
|
|
- Elfrieda Phelps
- 7 years ago
- Views:
Transcription
1 Tool [Organization Name] Mobile Device Policy and Procedures for Personally Owned Devices: BYOD Program June 2012 Unless otherwise marked for external use, the items in this Gartner Toolkit are for internal noncommercial use by the licensed Gartner client. The materials contained in this Toolkit may not be repackaged or resold. Gartner makes no representations or warranties as to the suitability of this Toolkit for any particular purpose, and disclaims all liabilities for any damages, whether direct, consequential, incidental or special, arising out of the use of or inability to use this material or the information provided herein. The instructions, intent and objective of this template are contained in the source document. Please refer back to that document for details.
2 June 2012 Page 1 TABLE OF CONTENTS About This Template... 3 Policy Background and Context... 3 Definitions... 4 Smartphone... 4 Media Tablet... 4 Mobile Device... 5 Mobile Applications... 5 Scope... 5 User Roles and Responsibilities... 5 User Responsibilities... 5 Condition... 5 Loss or Theft... 5 Applications and Downloads... 5 Backup and File Sharing or Synchronization... 6 Functionality and Feature Management... 6 User Safety... 7 Data and System Security... 7 Penalties... 8 Support for BYOD... 8 Reimbursement Guidelines... 9 Organization Discounts... 9 Technical Support Processes... 9 How to Get Support... 9 Warranty and Replacement Responsibility Miscellaneous Termination of Employment Exceptions E-Discovery Related and Other Documents User Agreement Appendix A: Guidelines for Eligibility Appendix B: Eligible Devices and Platforms Appendix C: Security Criteria for Personally Owned Mobile Devices Appendix D: Stipends for Eligible Employees Appendix E: Reimbursable Software and Services... 13
3 June 2012 Page 2 LIST OF TABLES Table 1. Eligible Devices and Platforms... 12
4 June 2012 Page 3 About This Template Gartner has developed this bring your own device (BYOD) mobile device policy template for the following purposes: To help clients navigate discussions about the wide range of policy and procedural issues related to the use of mobile devices. To provide options for policies and procedures based on Gartner's knowledge of mobile device issues To provide language that can be adopted verbatim (or easily adapted) for an organization's policy documents Think of the policies in this template as options that you can incorporate into your organization's policy. In some sections, we have provided specific options that you can select. The policy language is crafted so that you can adopt it verbatim or modify it to your specific situation. We do not expect that all the issues covered in this policy template will apply to all organizations. Review the template document, discuss the topics and select the policies that will create the desired impacts of risk mitigation and cost control in your organization. We also recommend the following general guidelines for policy development practices: Engage stakeholders from the human resources, legal and/or compliance departments during the process. Include policies that are relevant to your organization's standard operating procedures. Do not adopt policies that your organization won't be able to enforce. The mobile device policy template includes a User Agreement section for the end-user's signature. Once the policies are changed, the IT organization can issue the policy document to existing and new employees and other end users. Periodically review your policy document to ensure that it is up to date with your organization's needs and related regulations. Help your end users comply with the policy by making it easy for them to understand. Use plain, clear language. Make the document as concise as possible. Policy Background and Context [Note for policy authors: You can add the following text or similar content to the introduction of your policy document.] The purpose of this policy is to define accepted practices, responsibilities and procedures for the use of personally owned mobile devices that [Organization name] authorizes to connect to enterprise systems. This policy defines the commitment requirement, provides guidance for the secure use of end-user mobile devices and provides reimbursement guidelines for all mobile endpoint devices, including mobile phones, smartphones and media tablets.
5 June 2012 Page 4 At the core of this policy is the concept that the employee, through an opt-in decision, trades control over his/her personal device in exchange for access to corporate resources (such as the network and ). It is important that the consequences and obligations of this arrangement are well-understood. Therefore, we require a signature on the last page of this policy to confirm that it has been read and comprehended. These obligations include, but are not limited to: Employee acceptance that a personal device may be remotely wiped (i.e., erasing all data and applications) by [Organization name] Employee understanding that he or she is solely responsible for backing up any personal content on the device Employee agreement to keep the device updated and in good working order Employee acknowledgment that [Organization name] will in no way be responsible for damaged, lost or stolen personal devices while the employee is performing organizational business Employee agreement to allow IT to load manageability software on personally owned devices Mobile devices are a valuable tool in conducting business. It is the policy of [Organization name] to protect and maintain user safety, security and privacy, while simultaneously protecting enterprise information assets while using these tools. Use of mobile devices supplied by or funded by [Organization name] shall be primarily for enterprise business. However, [Organization name] will permit the use of personally owned devices, subject to the following broad guidelines: The decision to be eligible to use a personally owned mobile device for organization business will be based on a documented business need and appropriate management approval. Guidelines for eligibility can be found in Appendix A. Definitions Smartphone Reimbursement of expenses incurred by qualified users will follow enterprisewide or departmental policies. A smartphone is a mobile device with screen dimensions of between 2.5 inches and 5 inches, with voice, messaging, scheduling, and Internet capabilities. Smartphones also permit access to application stores, where aftermarket software can be purchased. A smartphone is based on an open OS. The OS has a software developer kit available that allows developers to use native APIs to write applications. It can be supported by a sole vendor or multiple vendors. It can, but need not, be open source. Examples include BlackBerry OS, ios, Symbian, Android, Windows Phone, Linux, Limo Foundation, webos and Bada. Media Tablet A tablet is an open-face wireless device with a touchscreen display and without physical keyboards. The primary use is the consumption of media; it also has messaging, scheduling, , and Internet capabilities. Diagonal screen dimensions are typically between 5 inches and 10 inches. Media tablets may have open-source OSs (such as Android) or a closed OS under the
6 June 2012 Page 5 control of the OS vendor and/or device make (such as Apple's ios and Windows). Media tablets may or may not support an application store. Mobile Device This refers to any mobile phone, smartphone or media tablet. Mobile Applications This refers to software designed for any or all the mobile devices defined in this policy. Scope This policy applies to all users, (e.g., employees, contractors, consultants, suppliers, customers, government, academic agencies and all personnel affiliated with third parties) worldwide who access and/or use [Organization name] IT resources from non-[organization name] issued and owned devices. User Roles and Responsibilities User Responsibilities Despite individual ownership of the mobile device, the organization expects the user to assume certain responsibilities for any device that contains enterprise information or connects to enterprise resources. Users must ensure that they comply with all sections of this agreement. Condition Users must agree to keep up to date (as defined in Appendix B) and in good working order all devices and platforms supported by [Organization name]. Loss or Theft Users must maintain a device compatible with the organization's published technical specifications, which will be updated at least every two years. If a device falls out of compliance, then it may be blocked from access until it is in good working order and meets minimum requirements. Within [define time frame of number of hours or days], users must report the temporary or permanent loss of personal devices to the help desk (to allow the device to be remotely wiped over the network) before cancelling any mobile operator services. Users must cancel any individual services for personally owned devices after the remote wipe of the device is completed. Applications and Downloads Users must ensure that they install application updates in accordance with [Organization name] guidelines. Downloading applications from the platform's (e.g., Apple's, Android's) general application store is acceptable, as long as the application complies with this policy and the IT security policy and HR policies of [Organization name], and is not on the blacklist
7 June 2012 Page 6 at [insert app store or intranet URL] or the app is available on the whitelist at [insert app store URL]. Users [may not charge or may only charge approved] individual application purchases to the organization's credit card. Backup and File Sharing or Synchronization Users are responsible for backing up all personal information on their personal hard drives or other backup systems. [Organization name] cannot be held liable for erasing user content and applications when it is deemed necessary to protect enterprise information assets or if a wipe is accidentally conducted. The procedures to do this are located at: For ios: [insert intranet URL] For Android: [insert intranet URL] For BlackBerry: [insert intranet URL] Users must use enterprise-sanctioned network file shares for the purpose of synchronizing organization information between devices, and may not use unapproved cloud-based file synchronization services (such as [Proprietary solution name], etc.). Only [Organization name-provided solution X] may be used for this purpose. Users may not use external accounts to synchronize the organization's information to a personal device. Functionality and Feature Management Cameras in mobile devices are not to be used in the organization's secured facility areas unless permission from site management is obtained beforehand. Upon the organization's request, users must allow the installation of a mobile device management software agent, or any other software deemed necessary, on the user's device. The device functionality must not be modified unless required or recommended by [Organization name]. The use of devices that are jailbroken, "rooted" or have been subjected to any other method of changing built-in protections is not permitted and constitutes a material breach of this policy. Users must accept that, when connecting the personal mobile device to [Organization name] resources, the [Organization name] ' security policy will be enforced on the device. The security policy implemented may include, but is not limited to, areas such as passcode, passcode timeout, passcode complexity and encryption. Users must take appropriate precautions to prevent others from obtaining access to their mobile device(s). Users will be responsible for all transactions made with their credentials, and should not share individually assigned passwords, PINs or other credentials. Users are responsible for bringing or sending the mobile device to the IT security department and handing over necessary device access codes when notified that the
8 June 2012 Page 7 User Safety device has been selected for a physical security audit, or in the event the device is needed for e-discovery purposes. Users may not provide access credentials to any other individual, and each device in use must be explicitly granted access after agreeing to the terms and conditions of this document. Users should comply with the following safety guidelines when using mobile phones while in their vehicles: Users must comply with all country and local regulations regarding automobile safety. It is preferable to dial while the vehicle is not moving; otherwise, use voice recognition or speed dial to minimize risk. Never use the phone in heavy traffic or bad weather. When driving, always use a hands-free phone, a Bluetooth headset or a corded headset when possible. Never look up phone numbers while driving. Never have stressful conversations while driving. Do not program navigation applications while driving. Keep your eyes on the road while on the phone. Follow the local laws guiding the use of mobile phones, if such laws exist. [Note for policy authors: Alternatively, you may use the following statement to substitute for the text in this section: "Users are asked not to talk, text or otherwise communicate via a mobile device while driving."] Data and System Security All organization data that is stored on the device must be secured using [Organization name]- mandated physical and electronic methods at all times. Mobile device users must comply with the physical security requirements defined in [reference appropriate organization document] when equipment is at the user's workstation and when traveling. Users must take the following physical security preventative measures to protect [Organization name] data and systems. All users shall abide by [Organization name] standard information security directives for the device at all times. Device users must comply within [define time frame, in number of hours or days] with directives from their business units to update or upgrade system software, and must otherwise act to ensure security and system functionality. Personally owned mobile devices connecting to the network must meet the security criteria listed in Appendix C.
9 June 2012 Page 8 Mobile devices must not be left in plain view in an unattended vehicle, even for a short period of time. Mobile devices must not be left in a vehicle overnight. Mobile devices must be positioned so that they (and the information contained within them) are not visible from outside a ground-floor window. A mobile device displaying sensitive information being used in a public place (e.g., train, aircraft or coffee shop) must be positioned so that the screen cannot be viewed by others, thus protecting [Organization name] information. A tinted/polarized screen guard may be used to decrease the viewing angles of any mobile device. Penalties Personally owned laptops and portable computing devices are prohibited from connecting to the [Organization name] network without prior approval from the IT security department. There are consequences for end users who do not comply with the policies detailed in this document: [Note for policy authors: Include text that defines the following policies and procedures. Who or which department within the organization is responsible for monitoring compliance The organization's position on issuing warnings for most breaches of policy before penalty enforcement, including number of warnings and the procedure for documenting warnings The organization's appeal process Note that HR guidelines will likely have input for the proper course of action, including possible termination for the most egregious offenses.] Support for BYOD [Organization name] supports the following BYOD models: [Note for policy authors: Delete the items that are not applicable.] Users that are eligible for a organization-liable smartphone may, at their own expense, purchase another device from the list of supported devices in Appendix B and transfer their organization-liable subscription to this new device. Users with personal preferences for a different brand or model of mobile device may purchase one at their own expense as long as it meets the requirements in Appendix A. Eligible users can receive a monthly stipend toward cellular services (see Appendix D for amounts) provided they purchase a device from the list of supported devices in Appendix B. Phone Number Ownership:
10 June 2012 Page 9 [Option 1 (for systems where pooled minutes require that all numbers be enterpriseowned)] Employees who wish to put their personal device on a corporate contract must realize that their personal phone numbers will become the property of [Organization name] and that the return of that number to the individual may be impossible. The organization has the discretion to port the phone number back to the employee, unless there is a prior written agreement in place. Individuals who wish to keep their personal numbers permanently must change to an [Organization name] phone number or [Option 2 (requires implementation of an enterprise communications gateway)] Employees will be required to install unified communications software that will mask the employees' phone numbers behind the [Organization name] internal telephony system. When business calls are made from a personal phone, those calls will have to be directed through the [Organization name] telephony system. Personal calls can be directed through an employee's personal number. Employees who are not eligible for an organization-funded mobile device may connect a personal device to corporate resources, as long as it meets the requirements in Appendix A and the employee has signed this policy after receiving manager approval of inclusion in the BYOD program. Reimbursement Guidelines Ensure that any and all expenses pertaining to downloads of applications and/or use of websites are submitted for reimbursement in accordance with all current and future [Organization name] reimbursement policies. [Organization name] will not be responsible for personal purchases. Submit appropriate documentation to secure a reimbursement for data service up to the level specified by [Organization name] management and in accordance with [Organization name] reimbursement guidelines governing user expenses for business purposes. If an employee wants accessories for his or her device, they may be purchased at the employee's discretion. [Organization name] does not provide accessories beyond basic chargers, hands-free kits and belt clips. The normal procurement, approval and expense reimbursement procedures should be followed. Only software or services listed in Appendix E may be submitted for reimbursement. Organization Discounts [Organization name] has preferred operator agreement(s) with [Vendor name(s)]. All users should seek to source their mobile device and/or applications from the preferred supplier to benefit from any organization-negotiated discounts. Technical Support Processes How to Get Support The help desk will provide support for BYOD when it comes to connectivity and back-end system operational questions only. Support for BYOD participants is limited to no more than 15 minutes of support for one incident per month [alternative: two incidents per quarter]. Support calls that
11 June 2012 Page 10 exceed this limit will be billed on a time-and-materials basis to the end-user's department.[organization name] has provided self-support tools in the form of a wiki at [insert URL] and a mail distribution list to facilitate peer support activities. The help desk will not support device replacement, device upgrade, device operational questions or embedded software operational questions (such as questions related to the browser, system, etc.). The help desk will only provide assistance on questions related to [Organization name] back-end software and the delivery of [Organization name] content to the device. All other inquiries must be directed to the end-user's mobile operator or other issuing retailer supporting the personal device. Warranty and Replacement Responsibility If an employee's device breaks or becomes damaged while conducting corporate business, [Organization name] will not reimburse the employee for any repairs or replacements. Consult with your device's manufacturer or retailer for applicable warranty agreements or repair services. The help desk has a pool of loaner devices that can be used for a period of [up to 10] working days while the personally owned device is being replaced or repaired. These devices may not necessarily be identical to the BYOD device being repaired. Alternatively, the end user should make arrangements with the mobile operator for temporary device replacement plans. Miscellaneous Termination of Employment Upon termination of employment, [Organization name] will remotely wipe all devices with the organization's information on them. It will be up to the end user to back up personal application and data prior to this event, and to restore only personal information after the device has been cleared of contents. Former employees are not authorized to restore any application or data that originated through the relationship with their former organization. Any attempt to restore such information will be subject to legal action against the former employee. Certain devices may be considered an exception; the help desk will verify that all organizationrelated information has been removed. Terminated employees must sign off on having no other copies of [Organization name] information stored on their devices. Please note that the paragraphs in the employee agreement related to handling corporate information also pertains to any information stored on personal devices or backups of them, regardless of media. Employees may also be responsible for any charges for service paid in advance of actual use. Exceptions [Note for policy authors: In any policy document, there will be exceptions. When exceptions grow to include large numbers of end users, revise the policy document to reflect and deal with reality. Policies can also outline a process for managing exceptions, as noted below.] Security exceptions should be routed to the IT security department. Financial exceptions should be routed to the supervisor, business unit manager or financial department. There should be an escalation process, where necessary, that may be through a committee or designated individual.
12 June 2012 Page 11 E-Discovery Exceptions to this policy may only be approved by the CIO. [This statement could apply to a particular policy or to the entire document.] In the unlikely event of [Organization name] needing access to the device for e-discovery purposes, the employee is obliged to hand over the device along with the necessary passcodes. Related and Other Documents [Enter a reference to your organization's IT security policy here.] User Agreement I acknowledge that I have read this document in full and understand the terms of use and my responsibilities as a designated user. I agree to these terms in their entirety and agree to fully and to the best of my ability comply at all times to the responsibilities of users contained herein. I make no claims on my organization to protect any personal data and fully understand that I have accepted this policy under no coercion of any kind from my employer. I understand that violations of this agreement can result in revocation of BYOD eligibility and subject me to potential disciplinary actions, up to and including termination of employment. [Organization name] can, at anytime and at its discretion, modify this user agreement and require device users to reconfirm their agreement. Participant Name (printed): Participant Signature: Date: Participant's eligibility for program verified by: Manager Name (printed): Manager Signature: Date: Appendix A: Guidelines for Eligibility Eligibility for participation in the BYOD program will be assessed by the employee's line manager. The manager should use the following guidelines for his or her evaluation: There is a justifiable business requirement for having mobile access to [Organization name] information. Employee agrees to opt in to [Organization name] management policies and procedures defined here and in related policy documents. The employee's device satisfies the conditions listed in Appendix B and Appendix C. The organization may have reasons to deny eligibility, which may include: Working with classified documents
13 June 2012 Page 12 Working in a high-security area or department Working in a department with rigorous discovery and compliance requirements Temporary or probationary employee status. Appendix B: Eligible Devices and Platforms The following device and platform types are eligible for the BYOD program (see Table 1). These choices are subject to change at any time. Users should check periodically for updates at [insert intranet URL]. Users will be notified if their devices are automatically detected as no longer being eligible. [Note for policy authors: See "Use Managed Diversity to Support Endpoint Devices" as a framework to develop this appendix.] Table 1. Eligible Devices and Platforms Android IOS Symbian Windows RIM Platform Device Software Appendix C: Security Criteria for Personally Owned Mobile Devices All personally owned mobile devices connecting to the network or accessing organization information must meet the following security criteria: All [Organization name] users must select strong passwords and change passwords in accordance with the [Organization name] password management policy. All personal mobile devices must be configured with a minimum password length of eight characters. All personal mobile computing devices must be protected by boot passwords as well as by disabling the boot options from alternate media (including, but not limited to, USB flash drive, CD or floppy). All personal mobile devices must be secured with a password-protected screen saver when left unattended, and must be configured to automatically lock after a predefined period of inactivity. The [Organization name] MDM tool [Tool name] must be installed on the device. Appendix D: Stipends for Eligible Employees Stipends can be for device purchase or for services, or for both. [Organization name] does/does not provide stipends for device purchase. [Note for policy authors: Define payment process and taxation requirements here, or reference a related policy document.] Through the payroll function, [Organization name] may issue
14 June 2012 Page 13 monthly stipends to employees to cover service costs for voice, data or a combination. Such stipends will be listed as "mobile service allowance." Management will determine the stipend amounts to be granted according to the user category to which the employee belongs. Employees who receive stipends are expected to pay any received bills in a timely fashion according to the mobile operator's terms and conditions. The enterprise will not act on the employee's behalf to cover any charges issued by the mobile operator to cover any violation of terms. Employees are responsible for any charges exceeding the monthly stipend for service charges. Employees may retain any amount of the stipend in excess of actual charges to apply to future overages. The enterprise may adjust the stipend amount provided to employees at anytime and for any reason. Unusual charges for business may be submitted for expense reimbursement at the discretion of the supervisor. Examples include those for valid international travel or excessive use during any one charge period. Appendix E: Reimbursable Software and Services The following mobile applications and services are reimbursable; follow your department's appropriate reimbursement policies: [Note for policy authors: These are only examples. You should modify this list to include appropriate applications.] Navigation Package Docs to Go MindMap
Mobile Device Usage and Agreement Policy
Page 1 of 10 1.0 Introduction Mobile Device Usage and Agreement Policy The State of Minnesota provides several electronic tools for employees whose job performance requires or would be enhanced by their
More informationGuidelines. I. Purpose. A. Ownership and Responsibilities
MDM Guidelines I. Purpose The purpose of these guidelines is to establish mobile device management standards for securing college owned mobile devices. College owned devices are defined as any smart device
More informationBYOD Policy for [AGENCY]
BYOD Policy for [AGENCY] This document provides policies, standards, and rules of behavior for the use of smartphones, tablets and/or other devices ( Device ) owned by [AGENCY] employees personally (herein
More informationCorporate Mobile Policy Template
Updated July 2011 Three major changes have occurred over the past 18 months that require updates to your organization s mobile policy. These changes include widespread adoption of tablet devices, changes
More informationMobile Devices Policy
Mobile Devices Policy Item Policy description Division Director Contact Description Guidelines to ensure that mobile devices are deployed and used in a secure and appropriate manner. IT Services and Records
More information[BRING YOUR OWN DEVICE POLICY]
2013 Orb Data Simon Barnes [BRING YOUR OWN DEVICE POLICY] This document specifies a sample BYOD policy for use with the Orb Data SaaS MDM service Contents 1 ACCEPTABLE USE... 3 1.1 GENERAL RULES... 3 2
More informationSouthwest Airlines 2013 Terms of Use Portable Devices Feb 2013
1 TERMS OF USE As of February 3, 2013 The following terms and conditions of use ( Terms of Use ) form a legally binding agreement between you (an entity or person) and Southwest Airlines Co. ( Southwest
More informationHow To Write A Mobile Device Policy
BYOD Policy Implementation Guide BYOD Three simple steps to legally secure and manage employee-owned devices within a corporate environment We won t bore you with the typical overview that speaks to the
More informationMobile Device Management for CFAES
Mobile Device Management for CFAES What is Mobile Device Management? As smartphones and other mobile computing devices grow in popularity, management challenges related to device and data security are
More informationEXECUTIVE DECISION NOTICE. ICT, Communications and Media. Councillor John Taylor. Deputy Executive Leader
EXECUTIVE DECISION NOTICE SERVICE AREA: SUBJECT MATTER: DECISION: DECISION TAKER(S): DESIGNATION OF DECISION TAKER(S): GOVERNANCE ICT, Communications and Media PERSONAL DEVICE POLICY That the Personal
More informationBYOD. and Mobile Device Security. Shirley Erp, CISSP CISA November 28, 2012
BYOD and Mobile Device Security Shirley Erp, CISSP CISA November 28, 2012 Session is currently being recorded, and will be available on our website at http://www.utsystem.edu/compliance/swcacademy.html.
More informationMobile Security Standard
Mobile Security Standard Title Mobile Security Standard Mobile Device Security Category Version: 18/07/2013 PUBLISHED Author:, IT Services Contact: itsecurity@contacts.bham.ac.uk Mobile Security Standard
More informationVirginia Commonwealth University School of Medicine Information Security Standard
Virginia Commonwealth University School of Medicine Information Security Standard Title: Scope: Data Handling and Storage Standard This standard is applicable to all VCU School of Medicine personnel. Approval
More informationBYOD. opos WHAT IS YOUR POLICY? SUMMARY
BYOD WHAT IS YOUR POLICY? opos SUMMARY The organization s employees and contractors frequently perform employment-related tasks which require connecting to the organization s networks, systems, and/or
More informationCITY OF SALINE CELL PHONE POLICY
CITY OF SALINE CELL PHONE POLICY Purpose The City of Saline acknowledges that to provide efficient services to its citizens some of its employees must be available either 24x7 or while they are away from
More informationBEConnected User Agreement
BEConnected User Agreement Page 1 of 5 INTRODUCTION This is a legal document between you and the owner ( Belmont College ) of the Apple ipad tablet ( ipad ) in connection with the delivery of an ipad to
More informationBring Your Own Device. Individual Liable User Policy Considerations
Bring Your Own Device Individual Liable User Contents Introduction 3 Policy Document Objectives & Legal Disclaimer 3 Eligibility Considerations 4 Reimbursement Considerations 4 Security Considerations
More informationVirginia Commonwealth University School of Medicine Information Security Standard
Virginia Commonwealth University School of Medicine Information Security Standard Title: Scope: Handheld Mobile Device Security Standard This standard is applicable to all VCU School of Medicine personnel.
More informationTHE ENTERPRISE MOBILITY POLICY GUIDEBOOK
THE ENTERPRISE MOBILITY POLICY GUIDEBOOK October 2010 Edition 2 About This Guidebook Research from Strategy Analytics shows that over 90% of organizations now have employees using smartphones within their
More informationIBM Endpoint Manager for Mobile Devices
IBM Endpoint Manager for Mobile Devices A unified platform for managing mobile devices together with your traditional endpoints Highlights Address business and technology issues of security, complexity
More informationFrequently Asked Questions & Answers: Bring Your Own Device (BYOD) Policy
Frequently Asked Questions & Answers: Bring Your Own Device (BYOD) Policy Converting a Device Whose phones will be wiped on Wednesday, January 30? If you continue to have a company-paid phone, you are
More informationBlackBerry 10.3 Work and Personal Corporate
GOV.UK Guidance BlackBerry 10.3 Work and Personal Corporate Published Contents 1. Usage scenario 2. Summary of platform security 3. How the platform can best satisfy the security recommendations 4. Network
More informationA guide to enterprise mobile device management.
WHITEPAPER A guide to enterprise Beyond expectation. www.azzurricommunications.co.uk Introduction. As smartphones and tablets proliferate in the enterprise, IT leaders are under pressure to implement an
More informationHOWARD UNIVERSITY POLICY
HOWARD UNIVERSITY POLICY Policy Number: Series 700: Information and Technology Policy Title: 700-004 MOBILE DEVICE STIPEND POLICY Responsible Officer: Chief Operating Officer Delegated to: Chief Information
More informationKony Mobile Application Management (MAM)
Kony Mobile Application Management (MAM) Kony s Secure Mobile Application Management Feature Brief Contents What is Mobile Application Management? 3 Kony Mobile Application Management Solution Overview
More informationWhat We Do: Simplify Enterprise Mobility
What We Do: Simplify Enterprise Mobility AirWatch by VMware is the global leader in enterprise-grade mobility solutions across every device, every operating system and every mobile deployment. Our scalable
More informationManaging and Securing the Mobile Device Invasion. 2012 IBM Corporation
Managing and Securing the Mobile Device Invasion 2012 IBM Corporation Please Note: IBM s statements regarding its plans, directions, and intent are subject to change or withdrawal without notice at IBM
More informationBring Your Own Device: Calling for a Strategy. CHIME College Live 23 April 2014
Bring Your Own Device: Calling for a Strategy CHIME College Live 23 April 2014 Bring Your Own Device (BYOD) Topics» Introductions» Learning Objectives» Business Drivers» Key Strategies» Policy Issues»
More informationMontclair State University. HIPAA Security Policy
Montclair State University HIPAA Security Policy Effective: June 25, 2015 HIPAA Security Policy and Procedures Montclair State University is a hybrid entity and has designated Healthcare Components that
More informationPLEASE READ THIS AGREEMENT CAREFULLY. BY INSTALLING, DOWNLOADING OR OTHERWISE USING THE SOFTWARE, YOU AGREE TO THE TERMS OF THIS AGREEMENT.
Novell ZENworks Mobile Management Novell ZENworks Mobile Management Enterprise App Software License Agreement PLEASE READ THIS AGREEMENT CAREFULLY. BY INSTALLING, DOWNLOADING OR OTHERWISE USING THE SOFTWARE,
More informationPolicy Checklist. Directorate of Performance and Reform. Stephen Hylands, Head of Information Technology
Policy Checklist Name of Policy: Purpose of Policy: Directorate responsible for Policy Name & Title of Author: Does this meet criteria of a Policy? Trade Union consultation? Equality Screened by: Date
More informationBYOD: End-to-End Security
BYOD: End-to-End Security Alen Lo MBA(CUHK), BSc(HKU), CISA, CCP, CISSP, CISM, CEH IRCA Certified ISMS Lead Auditor, itsmf ISO 20000 Auditor Principal Consultant i-totalsecurity Consulting Limited alenlo@n2nsecurity.com
More informationUSE OF PERSONAL MOBILE DEVICES POLICY
Policies and Procedures USE OF PERSONAL MOBILE DEVICES POLICY Date Approved by Information Strategy Group Version Issue Date Review Date Executive Lead Information Asset Owner Author 15.04.2014 1.0 01/08/2014
More information1. What are the System Requirements for using the MaaS360 for Exchange ActiveSync solution?
MaaS360 FAQs This guide is meant to help answer some of the initial frequently asked questions businesses ask as they try to figure out the who, what, when, why and how of managing their smartphone devices,
More informationONE Mail Direct for Mobile Devices
ONE Mail Direct for Mobile Devices User Guide Version: 2.0 Document ID: 3292 Document Owner: ONE Mail Product Team Copyright Notice Copyright 2014, ehealth Ontario All rights reserved No part of this document
More informationMobile Telephony Devices Acquisition and Usage Procedures pro-055 Version: 1.01
Mobile Telephony Devices Acquisition and Usage Procedures pro-055 To be read in conjunction with: ICT Acceptable Use Policy Email Acceptable Use Policy Version: 1.01 Last amendment: 15 Jul 2013 Next Review:
More informationC.R. Bard Mobile Device Guidelines Clarifying Bard s mobile device service
1 C.R. Bard Mobile Device Guidelines Clarifying Bard s mobile device service A guide for employees to understand Bard s mobile device policy and service Ref: UserGuide C.R. BARD 3/17/2014 Bard Mobile Device
More informationB. Cellular Telephone: A mobile or portable communication device that can be transported or carried.
ADMINISTRATIVE REGULATION REGULATION NUMBER 100-16 PAGE NUMBER 1 OF 5 CHAPTER: Administration/Organization COLORADO DEPARTMENT OF CORRECTIONS SUBJECT: Use of Cellular Telephones RELATED STANDARDS: ACA
More informationWhen enterprise mobility strategies are discussed, security is usually one of the first topics
Acronis 2002-2014 Introduction When enterprise mobility strategies are discussed, security is usually one of the first topics on the table. So it should come as no surprise that Acronis Access Advanced
More informationNBT Bank Personal and Business Mobile Banking Terms and Conditions
This NBT Bank Mobile Banking terms and conditions will apply if you use a mobile device to access our Mobile Banking service. When you use NBT Bank s Mobile Banking service, you will remain subject to
More informationSecurity Guide. BlackBerry Enterprise Service 12. for ios, Android, and Windows Phone. Version 12.0
Security Guide BlackBerry Enterprise Service 12 for ios, Android, and Windows Phone Version 12.0 Published: 2015-02-06 SWD-20150206130210406 Contents About this guide... 6 What is BES12?... 7 Key features
More informationEnd User Devices Security Guidance: Apple ios 8
GOV.UK Guidance End User Devices Security Guidance: Apple ios 8 Published Contents 1. Changes since previous guidance 2. Usage scenario 3. Summary of platform security 4. How the platform can best satisfy
More informationCounty of Grande Prairie - Information Systems
County of Grande Prairie - Information Systems Title [Systems] [BRING YOUR OWN DEVICE - BYOD] - Procedure Location Buddie Systems and HR Documents Approved by Natalia Madden Collaborators Sophie Mercier,
More informationGuideline on Safe BYOD Management
CMSGu2014-01 Mauritian Computer Emergency Response Team CERT-MU SECURITY GUIDELINE 2011-02 Enhancing Cyber Security in Mauritius Guideline on Safe BYOD Management National Computer Board Mauritius Version
More informationSUBJECT: Effective Date Policy Number Security of Mobile Computing, Data Storage, and Communication Devices
SUBJECT: Effective Date Policy Number Security of Mobile Computing, Data Storage, and Communication Devices 8-27-2015 4-007.1 Supersedes 4-007 Page Of 1 5 Responsible Authority Vice Provost for Information
More informationPolicies Middletown Public Schools Employee Telecommunications Equipment and Use Policy EMPLOYEES TELECOMMUNICATIONS EQUIPMENT AND USE POLICY
Policies Middletown Public Schools Employee Telecommunications Equipment and Use Policy No. EMPLOYEES TELECOMMUNICATIONS EQUIPMENT AND USE POLICY The Middletown Public Schools recognizes that the use of
More informationBlackBerry 10.3 Work Space Only
GOV.UK Guidance BlackBerry 10.3 Work Space Only Published Contents 1. Usage scenario 2. Summary of platform security 3. How the platform can best satisfy the security recommendations 4. Network architecture
More informationVodafone Global Enterprise Deploy the Apple iphone across your Enterprise with confidence
Vodafone Global Enterprise Deploy the Apple iphone across your Enterprise with confidence White Paper Vodafone Global Enterprise 3 The Apple iphone has become a catalyst for changing the way both users
More informationData Protection Act 1998. Bring your own device (BYOD)
Data Protection Act 1998 Bring your own device (BYOD) Contents Introduction... 3 Overview... 3 What the DPA says... 3 What is BYOD?... 4 What are the risks?... 4 What are the benefits?... 5 What to consider?...
More informationManaged Hosting Terms of Service
Managed Hosting Terms of Service This document contains s (the "company", "us", "we", or "our") Managed Hosting Terms of Service. expects its clients (the customer, user, you, or your ) to carefully read
More informationBring Your Own Device (BYOD) Policy
Bring Your Own Device (BYOD) Policy Document History Document Reference: Document Purpose: Date Approved: Approving Committee: To set out the technical capabilities of the chosen security solution Airwatch
More informationHow To Protect The Agency From Hackers On A Cell Phone Or Tablet Device
PRODUCT DESCRIPTION Product Number: 0.0.0 MOBILE DEVICE MANAGEMENT (MDM) Effective Date: Month 00, 0000 Revision Date: Month 00, 0000 Version: 0.0.0 Product Owner: Product Owner s Name Product Manager:
More informationBYOD Guidance: BlackBerry Secure Work Space
GOV.UK Guidance BYOD Guidance: BlackBerry Secure Work Space Published 17 February 2015 Contents 1. About this guidance 2. Summary of key risks 3. Secure Work Space components 4. Technical assessment 5.
More informationMobile Device Security and Privacy. Discussion - Planning Considerations for a Successful Mobile Device Program
Mobile Device Security and Privacy Discussion - Planning Considerations for a Successful Mobile Device Program August 2012 Discussion Topics Mobile Device Definition and Characteristics Mobile Device Access
More informationBlackBerry Web Desktop Manager. Version: 5.0 Service Pack: 4. User Guide
BlackBerry Web Desktop Manager Version: 5.0 Service Pack: 4 User Guide Published: 2012-10-03 SWD-20121003174218242 Contents 1 Basics... 5 Log in to the BlackBerry Web Desktop Manager... 5 Connect your
More informationMobile Tablet Devices
Document Owner: Page 1 of 5 Mobile Tablet Devices Purpose The purpose of this document is to provide guidance for the appropriate purchase and usage of Mobile Tablet Devices (devices running ios and Android
More informationEmbracing Complete BYOD Security with MDM and NAC
Embracing Complete BYOD Security with MDM and NAC Clint Adams, CISSP, Director, Mobility Solutions Keith Glynn, CISSP, Sr. Technical Solutions Engineer August 22, 2013 Today s Speakers Clint Adams, CISSP
More informationBlackBerry Enterprise Service 10. Universal Device Service Version: 10.2. Administration Guide
BlackBerry Enterprise Service 10 Universal Service Version: 10.2 Administration Guide Published: 2015-02-24 SWD-20150223125016631 Contents 1 Introduction...9 About this guide...10 What is BlackBerry
More informationCOMPUTER USE POLICY City of Proctor
COMPUTER USE POLICY City of Proctor Purpose This policy serves to protect the security and integrity of the city s electronic communication and information systems by educating employees about appropriate
More informationThe Enterprise Mobility Policy Guidebook
+ 1 The Enterprise Mobility Policy Guidebook April 2012 Edition + About This Guidebook 2 Research from market research firm Strategy Analytics shows that over 90% of organizations now have employees using
More informationCounterACT Plugin Configuration Guide for ForeScout Mobile Integration Module MaaS360 Version 1.0.1. ForeScout Mobile
CounterACT Plugin Configuration Guide for ForeScout Mobile Integration Module Version 1.0.1 ForeScout Mobile Table of Contents About the Integration... 3 ForeScout MDM... 3 Additional Documentation...
More informationSecuring end-user mobile devices in the enterprise
IBM Global Technology Services Thought Leadership White Paper January 2012 Securing end-user mobile devices in the enterprise Develop an enforceable mobile security policy and practices for safer corporate
More informationHIGH-SECURITY MOBILITY MANAGEMENT FROM BLACKBERRY
GOLD EMM SUBSCRIPTIONS Experience the most secure mobility management solution with BES12 and Gold Enterprise Mobility Management (EMM) subscriptions. HIGH-SECURITY MOBILITY MANAGEMENT FROM BLACKBERRY
More informationBring Your Own Device (BYOD)
Bring Your Own Device (BYOD) Policy Intent Rosemount Middle School (RMS) grants its students and staff the privilege of using personal mobile devices (laptops, tablets, etc.) of their choosing to complete
More information11 Best Practices for Mobile Device Management (MDM)
MaaS360.com > White Paper 11 Best Practices for Mobile Device Management (MDM) 11 Best Practices for Mobile Device Management (MDM) www.maas360.com Copyright 2014 Fiberlink Communications Corporation.
More informationAdams County, Colorado
Colorado Independent Consultants Network, LLC Adams County, Colorado Bring-Your-Own-Device Policy Prepared by: Colorado Independent Consultants Network, LLC Denver, Colorado March 20, 2014 Table of Contents
More informationConsumerization. Managing the BYOD trend successfully. Harish Krishnan, General Manager, Wipro Mobility Solutions WWW.WIPRO.COM
Consumerization Managing the BYOD trend successfully WWW.WIPRO.COM Harish Krishnan, General Manager, Wipro Mobility Solutions Employees dictate IT Enterprises across the world are giving in to the Consumerization
More informationSecurity and Compliance challenges in Mobile environment
Security and Compliance challenges in Mobile environment Emerging Technologies November 19, 2013 Bob Bastani Introductions Bob Bastani, Security & Compliance Program Manager, IBM, 301-803-6078, bbastani@us.ibm.com
More informationIT TECHNOLOGY ACCESS POLICY
IT TECHNOLOGY ACCESS POLICY Effective Date May 19, 2016 Cross- Reference 1. IT Access Control and User Access Management Policy Responsibility Director, Information 2. IT Acceptable Use Policy Technology
More informationAntivirus and Malware Prevention Policy and Procedures (Template) Employee Personal Device Use Terms and Conditions (Template)
Below you will find the following sample policies: Antivirus and Malware Prevention Policy and Procedures (Template) Employee Personal Device Use Terms and Conditions (Template) *Log in to erisk Hub for
More informationINFORMATION SECURITY POLICY
INFORMATION SECURITY POLICY Rev Date Purpose of Issue/ Description of Change Equality Impact Assessment Completed 1. June 2011 Initial Issue 2. 29 th March 2012 Second Version 3. 15 th April 2013 Third
More informationIntroduction to BYOD. Overview. In This Guide
Disclaimer While AirWatch strives to provide some level of direction for customers in terms of initially implementing a Bring Your Own Device (BYOD) program, it is up to your organization s legal, human
More informationBYOD Policy Implementation Guide. February 2016 March 2016
BYOD Policy Implementation Guide February 2016 March 2016 Table of Contents Step One: Evaluate Devices... 3 Step Two: Refine Network Accessibility... 4 Step Three: Determine Appropriate Management Policies...
More informationTom Schauer TrustCC tschauer@trustcc.com 253.468.9750 - cell
Tom Schauer TrustCC tschauer@trustcc.com 253.468.9750 - cell Mobile Mobile Mobile Devices in the CU Environ Mobile Banking Risks and Reward Tom Schauer ü Since 1986 ü TrustCC Founded TrustCC in 2001 ü
More informationDSHS CA Security For Providers
DSHS CA Security For Providers Pablo F Matute DSHS Children's Information Security Officer 7/21/2015 1 Data Categories: An Overview All DSHS-owned data falls into one of four categories: Category 1 - Public
More informationInformation Security Policy
Information Security Policy Touro College/University ( Touro ) is committed to information security. Information security is defined as protection of data, applications, networks, and computer systems
More informationAnceroAir Mobile Device Management (MDM) Service Guide
AnceroAir Mobile Device Management (MDM) Service Guide Contents Service Overview... 3 Core Mobile Device Management... 3 Mobility Management Bundle... 3 Secure Productivity Suite... 4 TouchDown (with Exchange
More informationBell Mobile Device Management (MDM)
Bell MDM Business FAQs 1 Bell Mobile Device Management (MDM) Frequently Asked Questions INTRODUCTION Bell Mobile Device Management provides business customers an all in one device administration tool to
More informationUser Guide. BES12 Self-Service
User Guide BES12 Self-Service Published: 2016-01-27 SWD-20160127153905522 Contents About BES12 Self-Service...4 Log in to BES12 Self-Service... 4 Forgot your login password?... 4 Change your login password...5
More informationMOBILE REMOTE DEPOSIT SERVICES AGREEMENT
MOBILE REMOTE DEPOSIT SERVICES AGREEMENT Mobile Deposit is designed to allow you to take a picture of your check ( original checks ) with a mobile device and upload it for deposit to your RSI Bank deposit
More informationInsert Partner logo here. Financial Mobility Balancing Security and Success
Financial Mobility Balancing Security and Success Copyright 2012 Fiberlink Communications Corporation. All rights reserved. This document contains proprietary and confidential information of Fiberlink.
More information6 Things To Think About Before Implementing BYOD
6 Things To Think About Before Implementing BYOD Kimber Spradlin, CISA, CISSP 2012 IBM Corporation Mobile Devices: Unique Management & Security Challenges Mobile devices are shared more often Mobile devices
More informationKenosha County Cellular Phone and Paging Device Policy
Kenosha County Cellular Phone and Paging Device Policy A. OVERVIEW The County recognizes that certain job functions require the use of a cellular or paging device to conduct official county business. This
More informationCorporate-level device management for BlackBerry, ios and Android
B L A C K B E R R Y E N T E R P R I S E S E R V I C E 1 0 Corporate-level device management for BlackBerry, ios and Android Corporate-level (EMM) delivers comprehensive device management, security and
More information{ipad Security} for K-12. Understanding & Mitigating Risk. plantemoran.com
{ipad Security} plantemoran.com for K-12 Understanding & Mitigating Risk Plante Moran The ipad is in K-12. Since its debut in April 2010, the ipad has quickly become the most popular tablet, outselling
More informationThe Risks and Rewards of Social Media and Mobile Devices
The Risks and Rewards of Social Media and Mobile Devices October 29-30, 2012 Tony Brooks, CISA Principal & Director of IT Assurance Tony and Brooks, Risk Services CISA, CRISC Partner HORNE - IT LLP Assurance
More informationBusiness Broadband Terms & Conditions of Service
The following Terms and Conditions govern the rights and obligations of C&W and the Customer in connection with C&W s provision of the Service to you, the Customer. The Service is subject also to Part
More informationSecuring Patient Data in Today s Mobilized Healthcare Industry. A Good Technology Whitepaper
Securing Patient Data in Today s Mobilized Healthcare Industry Securing Patient Data in Today s Mobilized Healthcare Industry 866-7-BE-GOOD good.com 2 Contents Executive Summary The Role of Smartphones
More informationGuidance on the Use of Portable Storage Devices 1
Guidance on the Use of Portable Storage Devices Introduction Portable storage devices ( PSDs ) such as USB flash memories or drives, notebook computers or backup tapes provide a convenient means to store
More informationHow To Manage A Mobile Device Management (Mdm) Solution
Mobile Device Management Buyers Guide IT departments should be perceived as the lubricant in the machine that powers an organization. BYOD is a great opportunity to make life easier for your users. But
More informationBES10 Self-Service. Version: 10.2. User Guide
BES10 Self-Service Version: 10.2 User Guide Published: 2014-09-10 SWD-20140908171306471 Contents 1 BES10 Self-Service overview... 4 2 Log in to BES10 Self-Service... 5 3 Activating your device...6 Create
More informationMOBILE DEPOSIT AGREEMENT AND DISCLOSURE ONLINE BANKING AGREEMENT ADDENDUM
MOBILE DEPOSIT AGREEMENT AND DISCLOSURE ONLINE BANKING AGREEMENT ADDENDUM This Addendum ( Addendum ) to the Citizens State Bank of Paola Online Banking Agreement between you and Citizens State Bank of
More informationWHITE PAPER. The CIO s guide. management
WHITE PAPER The CIO s guide to building a mobile device management strategy and how to execute on it Executive Summary The explosive growth of employee mobility is driving the rapid adoption of mobile
More informationBring Your Own Device (BYOD) for Staff and Visitors
Bring Your Own Device (BYOD) for Staff and Visitors Version 1.01 01.16 Created April 2015 Reviewed by Education and staffing Committee 21.01.16 Review Cycle Triennial Next review September 2019 Source
More informationHIGH-SECURITY MOBILITY MANAGEMENT FROM BLACKBERRY
DATASHEET HIGH-SECURITY MOBILITY MANAGEMENT FROM BLACKBERRY Gold level EMM for BlackBerry Regulated-level security for BlackBerry 10 devices Ultimate security. BlackBerry 10 devices managed by BES10 with
More informationWashwood Heath Academy Use by staff of private communication devices policy
As a learning community, Washwood Heath Academy wants all staff and students to be able to be safe users of ICT and all data storage. The development of responsible, independent users is a prime aim of
More informationPimaCountyCommunityCollegeDistrict Standard Practice Guide Administrative Procedure
PimaCountyCommunityCollegeDistrict Standard Practice Guide Administrative Procedure SPG AP Title: Portable College-Issued Mobile Device Security SPG AP Number: SPG-5702/AD AP 9.01.04 Effective Date: 11/13/06
More informationKaspersky Security for Mobile
Kaspersky Security for Mobile See. Control. Protect. MOVING TARGETS Mobile devices play a key role in connectivity and productivity. But they also introduce new risks to the business: in the past 12 months
More informationEnterprise Mobility. Bring Your Own Device (BYOD) Policy Guidebook Questions to Ask and Best Practices to Consider
Enterprise Mobility Bring Your Own Device (BYOD) Policy Guidebook Questions to Ask and Best Practices to Consider Bring Your Own Device (BYOD) Policy Guidebook Table of Contents 3 Introduction: How to
More information