BYOD. opos WHAT IS YOUR POLICY? SUMMARY
|
|
- Geoffrey Marsh
- 8 years ago
- Views:
Transcription
1 BYOD WHAT IS YOUR POLICY? opos SUMMARY The organization s employees and contractors frequently perform employment-related tasks which require connecting to the organization s networks, systems, and/or . Employees and contractors may want to use their own desktop computers, laptops, tablets, smartphones, or other devise in the process. This policy describes the steps these individuals must take when connecting personal devices to the organization s systems, , and networks. The organization refuses the right to revoke users right to use such their own devices if users do not abide by the policies and procedures outlined below. Users must agree to the terms and conditions set forth in this policy in order to be able to connect their devices to the organization s networks, systems and s. AUDIENCE All full-time employees, contract workers, consultants, part-time staff, and temporary workers and other personnel granted access to the organization s systems, networks, software, and/or data. PURPOSE All users should understand that whenever a staff member or contractor connects a computer device to the organization s network, systems, or computers, the opportunity exists for: Exposure to computer viruses, spyware, or other malware. Intentional or accidental copying of protected information and/or proprietary organization information to unauthorized devices. The introduction of a technical incompatibility to the organization s systems or networks Camino Ramon #195, San Ramon, CA
2 As a result of any of the three circumstances listed above, a user connecting his or her own device to organization resources, systems, or networks could interrupt business operations, cause unplanned downtime for multiple users, and/or cause a data breach releasing organization, client, and/or partner data to unauthorized parties. In worstcase scenarios (and in events entirely realized at other organizations), civil and criminal penalties for the user and/or substantial costs and expenses to the organization could arise. Additionally devices may not be used at any time to: Store, receive or transmit illicit materials; store or transmit proprietary information belonging to another organization; harass others; engage in outside business activities; and/or to be used in any other manner prohibited by the organization in its discretion. The organization has a zero-tolerance policy regarding texting or ing while driving, and only hands-free talking while driving is permitted if allowed by law. COVERED EQUIPMENT The following commonly used items are covered by the organization s BYOD Policy whenever these devices are connected to the organization s networks, external hard disks, flash drives, and other organization-provided or supported systems (including ): Desktops, laptops, and tablet computers Smartphones, defined as any cellular telephone that connects to the Internet via WiFi or a telecommunications-provider s network Flash, memory and/or thumb drives External hard disks BYOD AUTHORIZATION PROCESS Whenever any organization user wishes to use a personally owned or personally provided device to connect to the organization s networks, devices and/or systems, the following protocol should be followed: The user must request in writing that the personally owned or personally provided device be approved for use within the organization. The IT department will ensure that the user s device does not have a static IP address that could introduce incompatibilities. The IT department will ensure that the user s device does not have third-party software or applications that pose a threat to the organization s systems and networks or that could introduce application incompatibilities.
3 The IT department will ensure that the user s device does not have a virus, spyware, or malware infection. The IT department will ensure that the user s device is properly protected against viruses, spyware, and other malware infections and that the system has properly licensed anti-malware software, when appropriate. The IT department will ensure that the user s device is properly encrypted if the potential exists for the device to save, cache, or even temporarily store organization data. The IT department will log the system and ensure that it is properly configured to access resources remotely, if necessary, via a secure VPN connection. The IT director s written authorization to use the personally owned or personally provided device to connect to the organization s systems and networks must be obtained before the device is connected to the organization s networks, systems, or devices. Whenever a user decommissions, prepares to return, or otherwise ceases using a personally owned or personally provided device that the IT director has authorized for organization use, the user must notify the IT director that the device will no longer be used to connect to organization resources, systems, and networks. The IT director will remove any required encryption, VPN, and anti-malware licensing from the user s device. The IT director will confirm that the user s device does not contain any traces of protected, sensitive, corporate, or proprietary information and delete any protected, sensitive, corporate and/or proprietary data, licensing, and information remaining on the device. In the event that a user believes a personally- owned device that is authorized to connect to the organization s resources, systems, and networks might be infected with a virus, spyware infection, or other malware threat or might be somehow compromised, he or she must immediately notify the IT department, in writing, of the potential security risk. In the event that a user loses or misplaces a personally owned or personally provided device that is authorized to connect to the organization s resources, systems, and networks, he or she must immediately notify the IT department, in writing, of the potential security risk. Employees are responsible for notifying their mobile carrier immediately upon loss of a device.
4 A personally-owned device may be remotely wiped if 1) the device is verified lost or stolen 2) the employee terminates his or her employment, 3) IT detects a data or policy breach, a virus or similar threat to the security of the organization s data and technology infrastructure. ADDITIONAL RISKS/LIABILITIES/DISCLAIMERS While the organization will take every precaution to prevent the employee s personal data from being lost in the event it must remote wipe a device, it is the employee s responsibility to take additional precautions, such as backing up , contacts, etc. The organization reserves the right to disconnect devices or disable services without notification. The employee is expected to use his or her devices in an ethical manner at all times and adhere to the organization s acceptable use policy as outlined above. The employee is personally liable for all costs associated with his or her device. The employee assumes full liability for risks including, but not limited to, the partial or complete loss of organization and personal data due to an operating system crash, errors, bugs, viruses, malware, and/or other software or hardware failures, or programming errors that render the device unusable. The organization reserves the right to take appropriate disciplinary action up to and including termination for noncompliance with this policy BYOD CHECKLIST Whenever a user has a personally owned device he or she wants to connect to the organization s resources, systems, networks, and devices, the user may use this BYOD Checklist to begin the BYOD Authorization Process. User s full name: User s Title: Date of Request: Device user wants to connect to organization resources, systems, or networks:
5 Organization s resources, systems, or networks to which user wishes to connect: User s work telephone: User s mobile telephone: User s home telephone: User s address: User s department: Date user received decommissioning: Date user requested decommissioning: Date IT department decommissioned device:
6 ACKNOWLEDGMENT OF BYOD POLICY This form is used to acknowledge receipt of and compliance with the organization s BYOD Policy. PROCEDURE Complete the following steps: Read the entire BYOD Policy. Sign and date this form in the spaces provided below. Return this page only to the IT department manager. SIGNATURE By signing below, I agree to the following terms: I have received and read a copy of the BYOD Policy and agree to comply with its provisions. I understand and agree to comply with staff and user prevention responsibilities described within this policy. I understand and agree that I am not to connect any non-organization-provided equipment including desktop computers, laptops, tablet systems, smartphones, and similar devices, including external hard disks and flash drives to any organization computer, network, or system. I understand that violations of the BYOD Policy could result in termination of employment and legal action including civil and criminal prosecution should I fail to maintain compliance with and/or intentionally violate the policy s provisions. Employee Signature Employee Title Employee Name Date Department / Location Disclaimer: This sample BYOD policy is intended only to provide sample text and a format that can be used in the development of an actual, comprehensive BYOD policy. There is no warranty offered that the text of this template is inclusive of all regulatory requirements or satisfies the intent of applicable rules, regulations or laws. This sample policy is not a substitute for legal advice. You should consult with your attorney on the development of your BYOD policy to ensure completeness and compliance with the law.
BYOD Policy for [AGENCY]
BYOD Policy for [AGENCY] This document provides policies, standards, and rules of behavior for the use of smartphones, tablets and/or other devices ( Device ) owned by [AGENCY] employees personally (herein
More information[BRING YOUR OWN DEVICE POLICY]
2013 Orb Data Simon Barnes [BRING YOUR OWN DEVICE POLICY] This document specifies a sample BYOD policy for use with the Orb Data SaaS MDM service Contents 1 ACCEPTABLE USE... 3 1.1 GENERAL RULES... 3 2
More informationBring Your Own Device (BYOD) Policy
Bring Your Own Device (BYOD) Policy Document History Document Reference: Document Purpose: Date Approved: Approving Committee: To set out the technical capabilities of the chosen security solution Airwatch
More informationBring Your Own Device. Individual Liable User Policy Considerations
Bring Your Own Device Individual Liable User Contents Introduction 3 Policy Document Objectives & Legal Disclaimer 3 Eligibility Considerations 4 Reimbursement Considerations 4 Security Considerations
More informationCorporate Mobile Policy Template
Updated July 2011 Three major changes have occurred over the past 18 months that require updates to your organization s mobile policy. These changes include widespread adoption of tablet devices, changes
More informationAntivirus and Malware Prevention Policy and Procedures (Template) Employee Personal Device Use Terms and Conditions (Template)
Below you will find the following sample policies: Antivirus and Malware Prevention Policy and Procedures (Template) Employee Personal Device Use Terms and Conditions (Template) *Log in to erisk Hub for
More informationICT Security Policy for Schools
WOLGARSTON HIGH SCHOOL Staffordshire ICT Security Policy for Schools A Statement of Policy Author: Readability Score: Frequency of Review: J Ablewhite 15-16 years Annually Amendments 2014 JA Page 1 of
More information"choose your own device" : the employer still provides the hardware and the employee can choose e.g. the model.
WHAT IS BYOD? BYOD comes in "different shades of grey". "bring your own device" : employees are allowed to use their privately owned hard- and software. IT-applications and company data of the employer
More informationMobile Devices Policy
Mobile Devices Policy Item Policy description Division Director Contact Description Guidelines to ensure that mobile devices are deployed and used in a secure and appropriate manner. IT Services and Records
More informationSUBJECT: Effective Date Policy Number Security of Mobile Computing, Data Storage, and Communication Devices
SUBJECT: Effective Date Policy Number Security of Mobile Computing, Data Storage, and Communication Devices 8-27-2015 4-007.1 Supersedes 4-007 Page Of 1 5 Responsible Authority Vice Provost for Information
More informationCOVER SHEET OF POLICY DOCUMENT Code Number Policy Document Name
COVER SHEET OF POLICY DOCUMENT Code Number Policy Document Name Introduction Removable Media and Mobile Device Policy Removable media and mobile devices are increasingly used to enable information access
More informationBoston Public Schools. Guidelines for Implementation of Acceptable Use Policy for Digital Information, Communication, and. Technology Resources
Boston Public Schools Guidelines for Implementation of Acceptable Use Policy for Digital Information, Communication, and Scope of Policy Technology Resources ACCEPTABLE USE POLICY AND GUIDELINES Boston
More informationACCEPTABLE USE POLICY
ACCEPTABLE USE POLICY F. Paul Greene Harter Secrest & Emery LLP 1600 Bausch & Lomb Place Rochester, NY 14604 585-231-1435 fgreene@hselaw.com 2016 HARTER SECREST & EMERY LLP THE FOLLOWING TEMPLATE WAS DESIGNED
More informationCOMMONWEALTH OF PENNSYLVANIA DEPARTMENT S OF PUBLIC WELFARE, INSURANCE AND AGING
COMMONWEALTH OF PENNSYLVANIA DEPARTMENT S OF PUBLIC WELFARE, INSURANCE AND AGING INFORMATION TECHNOLOGY STANDARD Name Of Standard: Mobile Device Standard Domain: Security Date Issued: 09/07/2012 Date Revised:
More informationMobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.
Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information. Mobile Devices: Risks to Health Information Risks vary based on the mobile device and its use. Some risks include:
More informationInformation Technology Security Policies
Information Technology Security Policies Randolph College 2500 Rivermont Ave. Lynchburg, VA 24503 434-947- 8700 Revised 01/10 Page 1 Introduction Computer information systems and networks are an integral
More informationPHI- Protected Health Information
HIPAA Policy 2014 The Health Insurance Portability and Accountability Act is a federal law that protects the privacy and security of patients health information and grants certain rights to patients. Clarkson
More informationConsumer Device Policy (Smartphones / Tablets) BYOD (Bring Your Own Device)
Consumer Device Policy (Smartphones / Tablets) BYOD (Bring Your Own Device) Policy Number: 422 Supersedes: - Standards For Healthcare Services No/s 1, 5, 19 New Version Date Of Reviewer Completed Date
More informationHIPPA Goes HITECH. Data Protection for Agents
HIPPA Goes HITECH Data Protection for Agents For agent information only. this material should not be distributed to the public or used in any solicitation. 13-0127 Course objectives Agents will be able
More informationMobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.
Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information. Mobile Devices: Risks to to Health Mobile Information Devices: Risks to Health Information Risks vary based on the
More informationCyber Self Assessment
Cyber Self Assessment According to Protecting Personal Information A Guide for Business 1 a sound data security plan is built on five key principles: 1. Take stock. Know what personal information you have
More informationPierce County Policy on Computer Use and Information Systems
Pierce County Policy on Computer Use and Information Systems Pierce County provides a variety of information technology resources such as computers, software, printers, scanners, copiers, electronic mail
More informationInformation Security Policy
Information Security Policy Version August 23, 2010 1 of 8 Table of Contents Introduction Ethics and Acceptable Use Policies Usage Policy Disciplinary Action Protect Stored Data Restrict Access to Data
More information51 JS-R STUDENT USE OF INFORMATION TECHNOLOGY RESOURCES
Page 1 of 5 Purpose This regulation implements Board policy JS by setting forth specific procedures, requirements and restrictions and conditions governing student use of District Information Technology
More informationHIPAA: Bigger and More Annoying
HIPAA: Bigger and More Annoying Instructor: Laney Kay, JD Contact information: 4640 Hunting Hound Lane Marietta, GA 30062 (770) 312-6257 (770) 998-9204 (fax) laney@laneykay.com www.laneykay.com OFFICIAL
More informationSouthwest Airlines 2013 Terms of Use Portable Devices Feb 2013
1 TERMS OF USE As of February 3, 2013 The following terms and conditions of use ( Terms of Use ) form a legally binding agreement between you (an entity or person) and Southwest Airlines Co. ( Southwest
More informationRegional School District No. 7. Bring Your Own Device (BYOD) and Protocol for the Use of Technology in the Schools
6141.328(a) As new technologies continue to change the world in which we live, they also provide many new and positive educational benefits for classroom instruction. To prepare students as 21 st century
More informationBring Your Own Device Acceptable Use Policy
Bring Your Own Device Acceptable Use Policy Released On Author(s) Reviewed By Version and Date Master Document Index Number Protective Marking Irene Docherty v 1.3, 08/01/14 IS-WC-POL-0001 unclassified
More informationThe Internet and e-mail 2 Acceptable use 2 Unacceptable use 2 Downloads 3 Copyrights 3 Monitoring 3. Computer Viruses 3
Table of Contents 1 Acceptable use 1 Violations 1 Administration 1 Director and Supervisor Responsibilities 1 MIS Director Responsibilities 1 The Internet and e-mail 2 Acceptable use 2 Unacceptable use
More informationPeace Corps Office of the OCIO Information and Information Technology Governance and Compliance Rules of Behavior for General Users
Table of Contents... 1 A. Accountability... 1 B. System Use Notification (Login Banner)... 1 C. Non-... 1 D. System Access... 2 E. User IDs... 2 F. Passwords... 2 G. Electronic Information... 3 H. Agency
More informationWashwood Heath Academy Use by staff of private communication devices policy
As a learning community, Washwood Heath Academy wants all staff and students to be able to be safe users of ICT and all data storage. The development of responsible, independent users is a prime aim of
More informationEXECUTIVE DECISION NOTICE. ICT, Communications and Media. Councillor John Taylor. Deputy Executive Leader
EXECUTIVE DECISION NOTICE SERVICE AREA: SUBJECT MATTER: DECISION: DECISION TAKER(S): DESIGNATION OF DECISION TAKER(S): GOVERNANCE ICT, Communications and Media PERSONAL DEVICE POLICY That the Personal
More informationMONTSERRAT COLLEGE OF ART WRITTEN INFORMATION SECURITY POLICY (WISP)
MONTSERRAT COLLEGE OF ART WRITTEN INFORMATION SECURITY POLICY (WISP) 201 CMR 17.00 Standards for the Protection of Personal Information Of Residents of the Commonwealth of Massachusetts Revised April 28,
More informationIBM Global Technology Services Statement of Work. for. IBM Infrastructure Security Services - Penetration Testing - Express Penetration Testing
IBM Global Technology Services Statement of Work for IBM Infrastructure Security Services - Penetration Testing - Express Penetration Testing The information in this Statement of Work may not be disclosed
More informationSAO Remote Access POLICY
SAO Remote Access POLICY Contents PURPOSE... 4 SCOPE... 4 POLICY... 4 AUTHORIZATION... 4 PERMITTED FORMS OF REMOTE ACCESS... 5 REMOTE ACCESS USER DEVICES... 5 OPTION ONE: SAO-OWNED PC... 5 OPTION TWO:
More informationFullScap Technologies OTW - TERMS of Service
FullScap Technologies OTW WEB HOSTING - TERMS OF SERVICE Last Updated: 15 May 2011 FullScap Technologies OTW ("The Company") agrees to furnish hosting services to the Subscriber, subject to the following
More informationData Management Policies. Sage ERP Online
Sage ERP Online Sage ERP Online Table of Contents 1.0 Server Backup and Restore Policy... 3 1.1 Objectives... 3 1.2 Scope... 3 1.3 Responsibilities... 3 1.4 Policy... 4 1.5 Policy Violation... 5 1.6 Communication...
More informationesnc ACCESS AGREEMENT
FEDERAL RESERVE BOARD Shared National Credit Function esnc ACCESS AGREEMENT A. Introduction This agreement (Agreement) sets forth the terms for your Institution s use of our Electronic Shared National
More informationUSE OF INFORMATION TECHNOLOGY FACILITIES
POLICY CI-03 USE OF INFORMATION TECHNOLOGY FACILITIES Document Control Statement This Policy is maintained by the Information Technology Department. Any printed copy may not be up to date and you are advised
More information13. Acceptable Use Policy
To view the complete Information and Security Policies and Procedures, log into the Intranet through the IRSC.edu website. Click on the Institutional Technology (IT) Department link, then the Information
More informationOdessa College Use of Computer Resources Policy Policy Date: November 2010
Odessa College Use of Computer Resources Policy Policy Date: November 2010 1.0 Overview Odessa College acquires, develops, and utilizes computer resources as an important part of its physical and educational
More informationInformation Governance Officer 01427 676652 Steve.anderson@west-lindsey.gov.uk
B CPR.32 15/16 Corporate Policy and Resources Committee Date: 10 November 2015 Subject: Bring Your Own Device Policy Report by: Director of Resources Contact Officer: Purpose / Summary: Steve Anderson
More information2.5.1 Policy on Responsible Use of University Computing Resources Introduction This policy governs the proper use and management of all University of
2.5.1 Policy on Responsible Use of University Computing Resources Introduction This policy governs the proper use and management of all University of San Diego computing and network resources. This policy
More informationHIPAA Security Alert
Shipman & Goodwin LLP HIPAA Security Alert July 2008 EXECUTIVE GUIDANCE HIPAA SECURITY COMPLIANCE How would your organization s senior management respond to CMS or OIG inquiries about health information
More informationTERMS OF SERVICE. This Agreement shall be construed in all respects in accordance with the laws of the province of Ontario and Canada.
TERMS OF SERVICE IMPORTANT NOTICE: *All Payments to Orbit Cloud Inc are Non-Refundable* Orbit Cloud Inc. ("Orbit Cloud", "The Company") agrees to furnish services to the Subscriber, subject to the following
More informationTerms of Service Disclosure to Law Enforcement: Service Rates: Payment: Payments and Fees:
Terms of Service SouthBay Network (dba southbaynetwork.com) ("The Company") agrees to furnish services to the Subscriber, subject to the following TOS (Terms of Service). Use of SouthBay Network Service
More informationCOMPUTER USE POLICY. 1.0 Purpose and Summary
COMPUTER USE POLICY 1.0 Purpose and Summary 1. This document provides guidelines for appropriate use of the wide variety of computing and network resources at Methodist University. It is not an all-inclusive
More informationHow To Protect Your Data From Being Hacked
Data Security and the Cloud TABLE OF CONTENTS DATA SECURITY AND THE CLOUD EXECUTIVE SUMMARY PAGE 3 CHAPTER 1 CHAPTER 2 CHAPTER 3 CHAPTER 4 CHAPTER 5 PAGE 4 PAGE 5 PAGE 6 PAGE 8 PAGE 9 DATA SECURITY: HOW
More informationNew Horizon Bank Online Banking Agreement/Disclosure
New Horizon Bank Online Banking Agreement/Disclosure This Agreement governs the use of the New Horizon Bank Online Banking Services and is made and entered into by and between New Horizon Bank ("Bank"),
More informationHow To Get A Credit Card From Dsostingprotection
Terms of Service IMPORTANT NOTICE: *All Payments To DDoshostingprotection Are Non-Refundable* "DDoshostingprotection") agrees to furnish services to the Subscriber, subject to the following TOS (Terms
More informationResponsible Administrative Unit: Computing, Communications & Information Technologies. Information Technology Appropriate Use Policy
1.0 BACKGROUND AND PURPOSE Information Technology ( IT ) includes a vast and growing array of computing, electronic and voice communications facilities and services. At the Colorado School of Mines ( Mines
More informationUse of ESF Computing and Network Resources
Use of ESF Computing and Network Resources Introduction: The electronic resources of the State University of New York College of Environmental Science and Forestry (ESF) are powerful tools, shared among
More informationBUSINESS ONLINE BANKING AGREEMENT
BUSINESS ONLINE BANKING AGREEMENT This Business Online Banking Agreement ("Agreement") establishes the terms and conditions for Business Online Banking Services ( Service(s) ) provided by Mechanics Bank
More informationSPRINGFIELD PUBLIC SCHOOLS Springfield, New Jersey 07081
SPRINGFIELD PUBLIC SCHOOLS Springfield, New Jersey 07081 POLICY: COMPUTER/INTERNET ACCEPTABLE USE POLICY AGREEMENT Overview Access to information is fundamental to citizenship and the foundation for further
More informationSUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)
UNIVERSITY OF PITTSBURGH POLICY SUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA) DATE: March 18, 2005 I. SCOPE This
More informationCITY OF SAN DIEGO ADMINISTRATIVE REGULATION Number 95.51 PAYMENT CARD INDUSTRY (PCI) COMPLIANCE POLICY. Page 1 of 9.
95.5 of 9. PURPOSE.. To establish a policy that outlines the requirements for compliance to the Payment Card Industry Data Security Standards (PCI-DSS). Compliance with this standard is a condition of
More informationCourse: Information Security Management in e-governance
Course: Information Security Management in e-governance Day 2 Session 2: Security in end user environment Agenda Introduction to IT Infrastructure elements in end user environment Information security
More informationInformation Resources Security Guidelines
Information Resources Security Guidelines 1. General These guidelines, under the authority of South Texas College Policy #4712- Information Resources Security, set forth the framework for a comprehensive
More informationSt Charbel s College. Bring Your Own Device (BYOD) Policy Agreement
St Charbel s College Bring Your Own Device (BYOD) Policy Agreement St Charbel s College s Bring Your Own Device program aims to improve student learning experiences both in and out of the classroom. St
More informationHow To Understand The Bring Your Own Device To School Policy At A School
The Thomas Hardye School Bring Your Own Device to School (BYOD) Policy for Students Adopted by Personnel & Resources Committee 1 st September 2014 Review date: 31 st August 2015 Signed by Chair:. CONTENTS
More informationBusiness Merchant Capture Agreement. A. General Terms and Conditions
Business Merchant Capture Agreement A. General Terms and Conditions Merchant Capture (MC), the Service, allows you to deposit checks to your LGE Business Account from remote locations by electronically
More informationRemote Access and Network Security Statement For Apple
Remote Access and Mobile Working Policy & Guidance Document Control Document Details Author Adrian Last Company Name The Crown Estate Division Name Information Services Document Name Remote Access and
More informationHuddersfield New College Further Education Corporation
Huddersfield New College Further Education Corporation Card Payments Policy (including information security and refunds) 1.0 Policy Statement Huddersfield New College Finance Office handles sensitive cardholder
More informationCommercial Internet Banking Agreement and Disclosures
Rev. 4/2015 Commercial Internet Banking Agreement and Disclosures 1. Coverage. This Agreement applies to your use of our commercial Internet Banking Service, which permits you to access your accounts with
More informationNBT Bank Personal and Business Mobile Banking Terms and Conditions
This NBT Bank Mobile Banking terms and conditions will apply if you use a mobile device to access our Mobile Banking service. When you use NBT Bank s Mobile Banking service, you will remain subject to
More informationHIPAA Security Training Manual
HIPAA Security Training Manual The final HIPAA Security Rule for Montrose Memorial Hospital went into effect in February 2005. The Security Rule includes 3 categories of compliance; Administrative Safeguards,
More informationNew PCI Standards Enhance Security of Cardholder Data
December 2013 New PCI Standards Enhance Security of Cardholder Data By Angela K. Hipsher, CISA, QSA, Jeff A. Palgon, CPA, CISSP, QSA, and Craig D. Sullivan, CPA, CISA, QSA Payment cards a favorite target
More informationMontclair State University. HIPAA Security Policy
Montclair State University HIPAA Security Policy Effective: June 25, 2015 HIPAA Security Policy and Procedures Montclair State University is a hybrid entity and has designated Healthcare Components that
More informationInformation Security It s Everyone s Responsibility
Information Security It s Everyone s Responsibility The University of Texas at Dallas Information Security Office (ISO) Purpose of Training Information generated, used, and/or owned by UTD has value. Because
More informationMCOLES Information and Tracking Network. Security Policy. Version 2.0
MCOLES Information and Tracking Network Security Policy Version 2.0 Adopted: September 11, 2003 Effective: September 11, 2003 Amended: September 12, 2007 1.0 POLICY STATEMENT The Michigan Commission on
More informationInformation Security and Electronic Communications Acceptable Use Policy (AUP)
Policy No.: AUP v2.0 Effective Date: August 16, 2004 Revision Date: January 17, 2013 Revision No.: 1 Approval jwv / mkb Information Security and Electronic Communications (AUP) 1. INTRODUCTION Southwestern
More informationNNPS Bring Your Own Device Guidelines for Students
NNPS Bring Your Own Device Guidelines for Students What Students, Parents / Guardians, Educators, and Administrators Should Know Rationale Types of Devices Acceptable Use Parent / Guardian and Student
More informationSupplier Information Security Addendum for GE Restricted Data
Supplier Information Security Addendum for GE Restricted Data This Supplier Information Security Addendum lists the security controls that GE Suppliers are required to adopt when accessing, processing,
More informationITU-10002 Computer Network, Internet Access & Email policy ( Network Access Policy )
ITU-10002 Computer Network, Internet Access & Email policy South Norfolk Council IT Unit Documentation www.south-norfolk.gov.uk Page : 2 of 8 Summary This policy informs all users about acceptable use
More informationInformation Security Policy Manual
Information Security Policy Manual Latest Revision: May 16, 2012 1 Table of Contents Information Security Policy Manual... 3 Contact... 4 Enforcement... 4 Policies And Related Procedures... 5 1. ACCEPTABLE
More informationPointCentral Subscription Agreement v.9.2
PointCentral Subscription Agreement v.9.2 READ THIS SUBSCRIPTION AGREEMENT ( AGREEMENT ) CAREFULLY BEFORE INSTALLING THIS SOFTWARE. THIS AGREEMENT, BETWEEN CALYX TECHNOLOGY, INC., DBA CALYX SOFTWARE (
More informationAcceptable Use Policy
Acceptable Use Policy TABLE OF CONTENTS PURPOSE... 4 SCOPE... 4 AUDIENCE... 4 COMPLIANCE & ENFORCEMENT... 4 POLICY STATEMENTS... 5 1. General... 5 2. Authorized Users... 5 3. Loss and Theft... 5 4. Illegal
More informationplantemoran.com What School Personnel Administrators Need to know
plantemoran.com Data Security and Privacy What School Personnel Administrators Need to know Tomorrow s Headline Let s hope not District posts confidential data online (Tech News, May 18, 2007) In one of
More informationDedicated Servers (Fixed and Custom Configurations) Service Level Agreement
Dedicated Servers (Fixed and Custom Configurations) Service Level Agreement Terms and Abbreviations Customer's Control Panel the web page intended for managing the Services rendered by the Executor, retaining
More informationDocument Type Doc ID Status Version Page/Pages. Policy LDMS_001_00161706 Effective 2.0 1 of 7 Title: Corporate Information Technology Usage Policy
Policy LDMS_001_00161706 Effective 2.0 1 of 7 AstraZeneca Owner Smoley, David Authors Buckwalter, Peter (MedImmune) Approvals Approval Reason Approver Date Reviewer Approval Buckwalter, Peter (MedImmune)
More informationHIPAA Compliance: Efficient Tools to Follow the Rules
Bank of America Merrill Lynch White Paper HIPAA Compliance: Efficient Tools to Follow the Rules Executive summary Contents The stakes have never been higher for compliance with the Health Insurance Portability
More informationSamsung Mobile Security
Samsung Mobile Security offering enhanced core capabilities for enterprise mobility Samsung Enterprise Mobility Enterprise-ready Mobility management for your business Samsung Mobile Security offers enterprise
More informationUSER AGREEMENT FOR: ELECTRONIC DEALINGS THROUGH THE CUSTOMS CONNECT FACILITY
USER AGREEMENT FOR: ELECTRONIC DEALINGS THROUGH THE CUSTOMS CONNECT FACILITY CONDITIONS OF USE FOR ELECTRONIC DEALINGS THROUGH THE CUSTOMS CONNECT FACILITY Between: the Commonwealth of Australia, acting
More informationOnline Back-Up, Off-Site Back-Up, Restore Service of Back-Up.
TERMS OF SERVICE: Online Back-Up, Off-Site Back-Up, Restore Service of Back-Up. The following Terms and Conditions are applicable to all individual users / corporate clients who use, sign-up and pay-for
More informationATHLONE INSTITUTE OF TECHNOLOGY. I.T Acceptable Usage Staff Policy
ATHLONE INSTITUTE OF TECHNOLOGY I.T Acceptable Usage Staff Policy Table of Contents 1. Purpose... 2 2. Terminology... 2 3. Scope... 2 4. Acceptable Usage Policy... 3 5. Policy Acceptance... 6 6. Policy
More informationBERKELEY COLLEGE DATA SECURITY POLICY
BERKELEY COLLEGE DATA SECURITY POLICY BERKELEY COLLEGE DATA SECURITY POLICY TABLE OF CONTENTS Chapter Title Page 1 Introduction 1 2 Definitions 2 3 General Roles and Responsibilities 4 4 Sensitive Data
More informationSAMPLE TEMPLATE. Massachusetts Written Information Security Plan
SAMPLE TEMPLATE Massachusetts Written Information Security Plan Developed by: Jamy B. Madeja, Esq. Erik Rexford 617-227-8410 jmadeja@buchananassociates.com Each business is required by Massachusetts law
More informationInternet usage Policy
Internet usage Policy Free Use Disclaimer: This policy was created by or for the SANS Institute for the Internet community. All or parts of this policy can be freely used for your organization. There is
More informationAPPROVED BY: DATE: NUMBER: PAGE: 1 of 9
1 of 9 PURPOSE: To define standards for appropriate and secure use of MCG Health electronic systems, specifically e-mail systems, Internet access, phones (static or mobile; including voice mail) wireless
More informationCovered California. Terms and Conditions of Use
Terms and Conditions of Use Contents: Purpose Of This Agreement Privacy Policy Modification Of This Agreement Permission To Act On Your Behalf How We Identify You Registration Additional Terms For Products
More informationAngard Acceptable Use Policy
Angard Acceptable Use Policy Angard Staffing employees who are placed on assignments with Royal Mail will have access to a range of IT systems and mobile devices such as laptops and personal digital assistants
More informationUSE OF PERSONAL MOBILE DEVICES POLICY
Policies and Procedures USE OF PERSONAL MOBILE DEVICES POLICY Date Approved by Information Strategy Group Version Issue Date Review Date Executive Lead Information Asset Owner Author 15.04.2014 1.0 01/08/2014
More informationSample Employee Agreement for Business Use of Employee-Owned Personal Computing Devices (Including Wearables 1 )
Sample Employee Agreement for Business Use of Employee-Owned Personal Computing Devices (Including Wearables 1 ) Overview: The Bring Your Own Device (BYOD) program allows employees to use their own computing
More informationTerms of Service (TOS)
Terms of Service (TOS) [IMPORTANT NOTICE] *All Payments To Switch Networks Are Non-Refundable* Switch Networks, ("The Business") agrees to furnish services to the Subscriber, subject to the following [TOS]
More informationManaging Mobile Devices in a Device-Agnostic World Finding and Enforcing a Policy That Makes Business Sense
SAP White Paper SAP Partner Organization Mobile Device Management Managing Mobile Devices in a Device-Agnostic World Finding and Enforcing a Policy That Makes Business Sense Table of Content 4 Mobile Device
More informationVirginia Commonwealth University School of Medicine Information Security Standard
Virginia Commonwealth University School of Medicine Information Security Standard Title: Scope: Data Handling and Storage Standard This standard is applicable to all VCU School of Medicine personnel. Approval
More informationVulnerability Management Policy
Vulnerability Management Policy Policy Statement Computing devices storing the University s Sensitive Information (as defined below) or Mission-Critical computing devices (as defined below) must be fully
More informationR345, Information Technology Resource Security 1
R345, Information Technology Resource Security 1 R345-1. Purpose: To provide policy to secure the private sensitive information of faculty, staff, patients, students, and others affiliated with USHE institutions,
More informationUpdated HIPAA Regulations What Optometrists Need to Know Now. HIPAA Overview
Updated HIPAA Regulations What Optometrists Need to Know Now The U.S. Department of Health & Human Services Office for Civil Rights recently released updated regulations regarding the Health Insurance
More information