Portable Devices Security Procedure (Mobile Devices Policy)
Portable Devices Security Procedure (Mobile Devices Policy): This user-level document governs how users are to use, secure, maintain, and retire a portable device. It covers both authorized (BYOD . . . employee-owned) devices as well as issued (company-owned) devices.
This is the central non-technical control document for mobile device security and BYOD. The required controls it establishes are worded as a trade-off: “if you enforce these controls you get to put company data on your phone.”
Many organizations may treat this as a policy document. We don’t, as it only applies to users who have been approved for mobile devices, but it will be easy for you to modify this to turn it into a policy document.
Included in this template is the Agreement to comply with Portable Devices Security Procedure: This agreement is very important so that employees understand their obligations, responsibilities, rights, and vulnerabilities. The warnings in this agreement are paramount for a solid risk management approach, for warning employees of the pitfalls of remote wipe (you will lose your pictures and music), and also to smooth over some of the more unpopular inconveniences of the program (such as the right to audit).
Save when you purchase the entire Mobile Devices Security kit!
Leave a comment
We have recently made a significant change to our Incident Response Policy regarding Read more
Even if you haven’t ever used Facebook, your friends and family may have already let Read more
Just in time for the next round of SOC reviews, we’ve reviewed and updated our metric Read more
Another awareness poster for YOUR customers (and users). Now that we have our own em Read more