Mobile Device Usage Policy & Guidance

Similar documents
COMMERCIALISM INTEGRITY STEWARDSHIP. Security Breach and Weakness Policy & Guidance

Remote Access and Network Security Statement For Apple

COMMERCIALISM INTEGRITY STEWARDSHIP. Back-up Policy & Guidance

Internet Use Policy and Code of Conduct

Records Management Policy & Guidance

St. Peter s C.E. Primary School Farnworth , Internet Security and Facsimile Policy

Dene Community School of Technology Staff Acceptable Use Policy

Telephone Acceptable Use Policy (ISP05)

Information Technology and Communications Policy

Internet, Social Networking and Telephone Policy

Policy. Mobile Phone Use Policy. Contents

1. Computer and Technology Use, Cell Phones Information Technology Policy

Rules for the use of the IT facilities. Effective August 2015 Present

USE OF INFORMATION TECHNOLOGY FACILITIES

Mobile Devices Policy

How To Protect Decd Information From Harm

Information Systems Acceptable Use Policy for Learners

NHS Business Services Authority Information Security Policy

CARRAMAR PUBLIC SCHOOL

Recommendations. That the Cabinet approve the withdrawal of the existing policy and its replacement with the revised document.

Cellular/Smart Phone Use Procedure

INTERNET, USE AND

Policy and Code of Conduct

Acceptable Use of Information. and Communication Systems Policy

Other Review Dates: 15 July 2010, 20 October 2011

Conditions of Use. Communications and IT Facilities

Acceptable Use of ICT Policy. Staff Policy

HUMAN RESOURCES POLICIES & PROCEDURES

EMPLOYEE COMPUTER USE POLICY

Monitoring and Logging Policy. Document Status. Security Classification. Level 1 - PUBLIC. Version 1.0. Approval. Review By June 2012

Sydney Technical High School

Mobile Phone Device Policy

MOSMAN HIGH SCHOOL NSW DEC BRING YOUR OWN DEVICE STUDENT AGREEMENT

Use of Social Networking Websites Policy. Joint Management Trade Union Committee. ENDORSED BY: Consultative Committee DATE: 14 February 2013

Bring Your Own Device Program: User Charter

2.2 If employees or Board Members wish to use mobile telephones or data devices provided by the Group for personal use they may opt to either:

Students are expected to have regard to this policy at all times to protect the ipads from unauthorised access and damage.

Internet, Social Media and Policy

Corporate ICT & Data Management. Data Protection Policy

Information security policy

Mobile Telephone and Wireless Handheld Devices Policy & Guideline. Information Management and Technology Policy

Kings Estate Agents - Terms of Use

STRATEGIC POLICY REQUIRED HARDWARE, SOFTWARE AND CONFIGURATION STANDARDS

Christ Church Grammar School ipad Programme. Guidelines, Policy and Expectations

ICT Acceptable Use Policy. August 2015

ABERYSTWYTH UNIVERSITY POLICY

INFORMATION SECURITY POLICY. Contents. Introduction 2. Policy Statement 3. Information Security at RCA 5. Annexes

Senior School 1 PURPOSE 2 SCOPE 3 SCHOOL RESPONSIBILITIES

FMGateway by FMWebschool

Embedded Network Solutions Australia Pty Ltd (ENSA) INTERNET ACCEPTABLE USE POLICY

& Internet Policy

Bring Your Own Device Program: 2015 User Agreement

WEST LOTHIAN COUNCIL INFORMATION SECURITY POLICY

1.2: The name the shellies includes theshellies.co.uk.

1. Owner Manager, Business Operations 2. Compliance is required by Staff, contractors, consultants and volunteers 3. Approved by The Commissioner

APPROPRIATE USE OF INFORMATION TECHNOLOGY SYSTEMS INFRASTRUCTURE RESOURCES

1.0 Definition of Mobile Devices Policy Objectives and Scope Policy Imperatives Authorization... 4

CCG LAPTOP AND PORTABLE DEVICES AND REMOTE ACCESS POLICY

TEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL

Acceptable Usage Policy

EMPLOYEE ACCESS RELEASE AND AUTHORIZATION FORM MCS warehouse form No

Dundalk Institute of Technology. Acceptable Usage Policy. Version 1.0.1

Acceptable Use of ICT Policy For Staff

Information Security Incident Management Policy

National Secondary School Computer Fund Meridan State College Q4 Take Home Tablet Charter. Student NSSCF Charter

INTERNET AND POLICY

Acceptable Use of Information Systems Standard. Guidance for all staff

COMPUTER TECHNOLOGY ACCEPTABLE USE & INTERNET SAFETY

Acceptable Use Policy

SOUTHERN SLOPES COUNTY COUNCIL COMPUTER & INFORMATION TECHNOLOGY USE POLICY

ATHLONE INSTITUTE OF TECHNOLOGY. I.T Acceptable Usage Staff Policy

Boston Public Schools. Guidelines for Implementation of Acceptable Use Policy for Digital Information, Communication, and. Technology Resources

Broadband Acceptable Use Policy

Merthyr Tydfil County Borough Council. Information Security Policy

COMPUTER USAGE -

Information Governance Framework. June 2015

"Broadband Voice Telephone Adapter" a broadband voice telephone adapter or BT Voyager 220V which may be bought from BT.

Remote Access and Home Working Policy London Borough of Barnet

CCSS IT ACCEPTABLE USE POLICY Guidance for Staff and Pupils

Nazareth Catholic College Student Acceptable Use of Information and Communications Technology Procedures

Bring Your Own Device (BYOD) for Staff and Visitors

Acceptable Usage Policy

HAZELDENE LOWER SCHOOL

Acceptable Use Policy ("AUP")

Development / Monitoring / Review of this Policy. Schedule for Development / Monitoring / Review

Mobile Devices Security Policy

TERMS & CONDITIONS FOR INTERNET ACCESS. Service Provided by Fast Telecommunication Company W.L.L. (hereinafter referred to as FAST Telco )

Mobile Phone Regulations in Council - A Guide to Enforcement

Digital Device LOAN CHARTER

Information Services. Regulations for the Use of Information Technology (IT) Facilities at the University of Kent

CITY OF MARLBOROUGH MARLBOROUGH, MASSACHUSETTS

E Safety Policy. 6 th March Annually. 26 th February 2014

POLICY REGARDING EMPLOYEE USE OF THE DISTRICT'S COMPUTER SYSTEMS AND ELECTRONIC COMMUNICATIONS

Computer Facilities and External Networks Acceptable Use by Students

Company Mobile Phone Policy

INFORMATION SECURITY POLICY

Strathfield Girls High School Bring your Own Device User Charter

Hull Teaching Primary Care Trust INTERNET USE POLICY

ACCEPTABLE USAGE PLOICY

HP Laptop & Apple ipads

Transcription:

Mobile Device Usage Policy & Guidance COMMERCIALISM

Document Control Document Details Author Nigel Spencer Company Name The Crown Estate Department Name Information Services Document Name Mobile Device Usage Policy Version Date 10/10/12 Effective Date 1 November 2012 ISSUE THREE Review Date October 2013 Change Record Modified Date Author Version Description of Changes 01/08/2010 N Spencer 1.1 First Version 04/10/2010 N Spencer 1.2 Updated following consultation 04/10/2010 C Kelly 1.3 Update on reporting of lost/stolen mobile devices. Reviewed by CK, AN, CS, DF 25/01/11 A Last 1.4 Review 08/03/11 A Last 1.5 Amendment Re Use Of Mobiles When Driving 01/04/11 R McCaughan 1.6 Review 20/05/2011 S Smith 1.7 Review on behalf of Service Desk 21/07/2011 S Smith 1.8 Amendments See ISMS Audit Action 2011 10/10/2012 A R Last 1.9 Annual review Stakeholder Sign off Name Position Signature Date Nigel Spencer Information Services Manager July 2011 Clare Kelly IT Support Manager July 2011 Nigel Spencer Head of IS October 2012 Security Sign-off Name Position Signature Date Adrian Last Business Support Manager August 2011 Adrian Last ISMS Manager October 2012 1

Table of Contents 1. Purpose 3 2. Scope 3 3. Policy 3 3.1. Policy statement 3 3.2. Policy objectives 3 3.3. Policy overview 3 3.4. Policy maintenance 4 4 Policy requirements. 4 4.1. User Responsibilities 4 4.2. IT Department responsibilities 4 4.3. Privacy and Dignity 4 4.4. Security Requirements 5 4.5. Safety 5 4.6. Driving 5 4.7. Acceptable Use 5 4.8. Use of Privately Owned Mobile Devices 6 4.9. Usage Charges 6 4.10. Personal Data 7 5. Disciplinary Process 7 6. Deviations from policy 7 7. Glossary of terms 7 Appendix A List of related documents, procedures and processes. 8 2

1. Purpose Mobile telephones and tablets (Blackberrys, iphones and ipads referred to as mobile devices in this document) are an integral feature of The Crown Estate s business operations. The purpose of this policy and procedure is to ensure that employees and workers are aware of their responsibilities when using such equipment provided by The Crown Estate. 2. Scope This policy applies to: All permanent and temporary contract employees of The Crown Estate. All forms of mobile devices within The Crown Estate including, but not limited to Blackberrys, iphones, ipads and 3G SIM cards. 3. Policy 3.1. Policy statement The practices and procedures set out in this document reflect the provisions set out in the Computer Misuse Act 1990; the Data Protection Act 1998; the Malicious Communications Act 1998; the Road Vehicles (Construction and Use) (amendments) Regulations 2003; the Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000. 3.2. Policy objectives The objectives of this policy with regard to appropriate use of mobile devices and the protection of information system resources as held on or accessible from mobile devices are to: Minimise the threat of accidental, unauthorised or inappropriate access to electronic information owned by The Crown Estate or temporarily entrusted to it; Provide guidelines for professional use of mobile devices, to ensure that they are used in such a manner that does not compromise The Crown Estate s business, reputation or its employees in any way. To outline the legal considerations that must be followed and also user responsibilities when it comes to security and appropriateness of call and call length. To detail the acceptable use of privately owned mobile phones for Crown Estate business calls. 3.3. Policy overview Employees and workers must be aware of their responsibilities when using mobile devices provided by The Crown Estate for them to carry out their work. This policy clarifies the bounds of personal use; and underlines the seriousness with which The Crown Estate views the inappropriate, unlawful or malicious use of the mobile devices provided. Users are expected to observe the arrangements set out in this policy and procedure and to report to line management any circumstances where they believe mobile devices are not being used appropriately. 3

3.4. Policy maintenance Supporting standards, guidelines and procedures will be issued on an on-going basis by The Crown Estate. Users will be informed of any subsequent changes or updated versions of such standards, guidelines and procedures by way of e-mail or other relevant communication media. Users shall then have the obligation to obtain the current information systems policies from The Crown Estate Intranet or other relevant communication media on an on-going basis and accept the terms and conditions contained therein. 4. Policy requirements 4.1. User Responsibilities Where a mobile device allows access to the internet any use of that facility is governed by the following Crown Estate Policies: Access Control Policy & Guidance Internet Usage Policy & Guidance End User Acceptable Use Policy & Guidance Electronic Communications Acceptable Use Policy & Guidance Wireless Communication Policy & Guidance The user should take reasonable steps to prevent damage or loss to their mobile device. This includes not leaving it in view in unattended vehicles and storing it securely when not in use. The user may be responsible for any loss or damage if reasonable precautions are not taken. In general, mobile devices will only be provided for work related purposes. However, it is recognised that there may be a need to make and receive occasional private communications. Cost and usage is monitored and where excessive personal use is identified costs will have to be reimbursed. The Crown Estate will determine what constitutes excessive personal use. The mobile device is, at all times, the property of The Crown Estate and must be surrendered on request for any reason. 4.2. IS Service Desk responsibilities The IS Service Desk is responsible for: Purchasing and allocation of mobile devices. Maintaining a library of all Crown Estate mobile device assets. Disposal of all mobile devices. 4.3. Privacy and Dignity Mobile devices having the capability of taking still or moving images represent a potential threat to the privacy and dignity of both employees and advisers and members of the public. No still or moving images of individuals may be taken without their express consent. Images of properties may be taken on estate visits or property inspections with mobile devices but these must not include identifiable images of individuals without their express consent first being obtained. In no instance whatsoever may still or moving images taken with Crown Estate mobile devices be posted onto the internet or social media sites without appropriate authority being first obtained. 4

4.4. Security Requirements Crown Estate employees must take care of any mobile devices issued to them. All such devices must be password protected and not used in public places without due care and attention by the employee. All lost, stolen, or mislaid mobile devices are to be reported immediately to the airtime service provider and to the IS Service Desk as soon as practicable. Contact details will be provided when the user is provided with the device. They are also available on i-site. The user must also report the loss to police as soon as practicable and obtain a case reference number. All security incidents, including actual or potential unauthorised access to The Crown Estate s information systems, must be reported immediately to the ISMS Manager or Head of IS in accordance with the Security Breach & Weakness Policy. Mobile devices that are lost or otherwise compromised through persistent lapses in security by the employee may incur costs to the user in respect of replacement charges or, in extreme cases, availability may be withdrawn. 4.5. Safety There is no conclusive scientific evidence at the time of writing that excessive use of mobile phones is detrimental to a person s health. However caution should be exercised in their use, avoiding long duration phone calls, texting or emailing where possible. 4.6. Driving The Crown Estate discourages the use of mobile devices whilst driving unless it is absolutely essential. Where a driver has to take a call they should ensure that they comply with the law and that any hands free device used is compliant with current legislation. Calls should be kept short and where possible arrangements should be made to continue it when the driver is parked safely and legally. At all times drivers should keep their concentration on the road and ensure that they drive with due care and attention to themselves and other road users. Whenever possible, drivers should let incoming calls go to their voicemail and then find a safe, legal, place to park, switch off their engine and respond to the call. On no account should any Crown Estate employee use mobile devices other than hands free whilst driving. 4.7. Acceptable Use All employees are expected to use mobile devices provided by The Crown Estate in an appropriate, acceptable and reasonable manner in accordance with the End User Acceptable Use Policy and Guidance. Employees are, in particular, expected to exercise good sense and responsibility in limiting any personal use of their mobile devices to a minimum and refrain from any inappropriate use. The following list gives examples of inappropriate use of Crown Estate mobile devices: Communications to premium rate numbers e.g. 0870 Communications to social media sites e.g. Facebook, Twitter Communications to votes of TV/radio programmes e.g. X Factor Communications involving bidding in online auctions e.g. ebay Communications to betting/competitions Communications that are illegal, obscene or libellous 5

Communication that are offensive or threatening Communications that infringe copyright Communications that transmit unsolicited commercial or advertising material Communications that transmit spam, chain or junk messages Accessing websites that are not essential for the better conduct of The Crown Estate s business Any other use that might cause commercial, reputational or financial distress to The Crown Estate. Employees are reminded that emails and text messages sent on Crown Estate mobile devices are admissible in court and subject to Data Protection and Freedom of Information legislation and therefore they could possibly be released into the public domain or to individuals mentioned in them. Employees found using their mobile devices in an inappropriate manner may have their mobile devices withdrawn and be subject to action under The Crown Estate s Rules and Disciplinary Code. 4.8. Use of Privately Owned Mobile Devices Connection of personal equipment to The Crown Estate s information systems will be at the sole risk of the person wishing to do so and subject to conforming to all policies as if the device was owned by The Crown Estate. Support and assistance for personal equipment will only be provided on a best endeavours basis. Personal equipment which has been connected to The Crown Estate s information systems and then lost will be considered a security incident and reported to the IS Service Desk as soon as possible. It is the responsibility of the owner of the equipment to contact their service provider as soon as possible and request the equipment be terminated remotely. This is in accordance with the Security Breach and Weakness Policy & Guidance. 4.9. Usage Charges Line managers will have responsibility for keeping control of mobile device usage by identifying those individuals who use a mobile device excessively and taking steps to reduce this. Bills for mobile devices will be issued on a monthly basis to users and departmental billing administrators for information purposes. Airtime usage charges are currently paid by the IS Service Desk. Billing administrators are responsible for checking departmental bills and approving payment. Bills not queried within 7 days of receipt will be paid automatically. Bill queries should be directed to the IS Service Desk. It is the responsibility of billing administrators to discuss billing issues with individual users and their line manager. Airtime charges will be monitored by The Crown Estate s Service Provider and when the total for a single device exceeds a 400 limit the IS Service Desk will be alerted. The IS Service Desk will then contact the relevant line manager for approval to continue, increase the user s limit or suspend the service. The IS Service Desk will provide all billing administrators with the names of employees in their department for whom they should expect monthly bills for mobile devices. 6

4.10. Personal Data Employees have the general right, under the Data Protection Act, to receive, on written request, a copy of any personal data concerning them, including information held electronically on systems owned by The Crown Estate including mobile devices. There are a few limited exceptions to this such as data held for crime prevention/detection purposes, but most individuals will be able to have a copy of the personal data held on them. Full details of how employees can obtain such information are set out in The Crown Estate s Policy on the Data Protection Act Statement of Intent. 5. Disciplinary Process It remains the ultimate responsibility of individual users and their managers to ensure that business and privately owned mobile devices are used appropriately. Any misuse may constitute a breach of policy and as such the person committing the misuse may be subject to disciplinary procedures. 6. Deviations from policy Unless specifically approved, any deviation from this policy is strictly prohibited. Any deviation to or non-compliance with this policy shall be reported to the ISMS Manager & Head of IS. 7. Glossary of Terms A summary of terms used and employee roles identified throughout documentation prepared by the IS Service Desk can be found in the ISMS Glossary of Terms. 7

Appendix A List of related documents, procedures and processes. Access Control Policy & Guidance Internet Usage Policy & Guidance Wireless Communication Policy & Guidance The Crown Estate s Rules and Disciplinary Code Lost or Stolen Hardware Process End User Acceptable Use Policy & Guidance Electronic Communications Acceptable Use Policy& Guidance. Security Breach & Weakness Policy & Guidance. ISMS Glossary of Terms Computer Misuse Act 1990 Malicious Communications Act 1998 Road Vehicles (Construction and Use) (amendments) Regulations 2003 Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000 Data Protection Act Data Protection Act Statement of Intent. 8

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information