Portable Devices Security Procedure (Mobile Devices Policy)
Portable Devices Security Procedure (Mobile Devices Policy): This user-level document governs how users are to use, secure, maintain, and retire a portable device. It covers both authorized (BYOD . . . employee-owned) devices as well as issued (company-owned) devices.
This is the central non-technical control document for mobile device security and BYOD. The required controls it establishes are worded as a trade-off: “if you enforce these controls you get to put company data on your phone.”
Many organizations may treat this as a policy document. We don’t, as it only applies to users who have been approved for mobile devices, but it will be easy for you to modify this to turn it into a policy document.
Included in this template is the Agreement to comply with Portable Devices Security Procedure: This agreement is very important so that employees understand their obligations, responsibilities, rights, and vulnerabilities. The warnings in this agreement are paramount for a solid risk management approach, for warning employees of the pitfalls of remote wipe (you will lose your pictures and music), and also to smooth over some of the more unpopular inconveniences of the program (such as the right to audit).
Save when you purchase the entire Mobile Devices Security kit!