Mobile Device Policy

Purpose

Mobile devices may connect to Zeta Alpha’s corporate network only for genuine business reasons under this policy. Additionally, this policy defines end-user limits and a framework for connecting mobile devices to Zeta Alpha’s digital resources, which may include, but are not limited to, the following types of media.

  • Phones of all types, including basic phones, feature phones, smartphones
  • Laptops, tablets, tablet PCs, notebooks, personal digital assistants
  • E-readers, digital cameras, and portable gaming gadgets
  • Computational watches, earphones, and eyeglasses
  • Electronic devices that store company data or connect to a network

Preventing a breach in our system requires Zeta Alpha maintains the right to supervise all business equipment remotely. Therefore, all users must follow these guidelines to guarantee secure corporate and client data movement and storage.

  • Laptops operating on Windows must be on version 10 or higher
  • Apple laptops must be using a version no later than macOS 14
  • Apple devices must run the latest iOS, watchOS, or iPadOS available 
  • All Android devices must operate on a version no later than OS 11    

Whether the user or the business owns the device, the policy applies to any mobile device used to access corporate resources.

The transmission of sensitive information about individuals and businesses through a network poses a danger. Therefore, installing proper measures to prevent unauthorized access to sensitive data is expected. As a result, this policy’s primary aim is to safeguard Zeta Alpha’s customers’ information confidentiality, integrity, and availability. To prevent this sort of compromise, everyone who uses business resources on a mobile device or connects to Zeta Alpha’s corporate network must commit. Additionally, you must follow the rules outlined in these publications. 

Scope of Application

For the privilege, not the right, to access personal data, Zeta Alpha has gained the trust of its customers, supply chain partners, and other constituents. As a result, we need all employees, contractors, freelancers, and other agents who use any mobile device to store, backup, or move data belonging to Zeta Alpha or their client to conform to this policy. Using these devices to gain network and information access to business resources is not a result of employment and does not guarantee their service.  List of common threats mobile devices may impose on enterprise data:

Lost or stolen: Significant privacy concerns will arise when mobile devices are lost or stolen; therefore, the user must take enormous precautions.
Public Wi-Fi: Using public Wi-Fi networks allows hackers to easily access your data, distribute malware, and steal passwords.
Malware: While disguised as an application, game, video, photo, or hyperlink, malware may synchronize between devices unnoticed. 
Social Engineering: Bait and scare tactics are often used to persuade you to share vital information, such as a login or password.
Compliance: Health information is classified as sensitive and private data under HIPAA, exposing the company to liability for identity theft and privacy violations.

The Information Technology department of Zeta Alpha will handle all devices connected to the network and the hardware needed to transmit store, and back up business data. Any unauthorized use of the network of corporate data is expressly prohibited.

This policy complements previous documentation about the transfer and storage of Zeta Alpha intellectual properties, including accessibility and controls governing their use.

User Responsibility

At all times, the user acknowledges and agrees to adhere to all applicable security measures while using privately held or company-owned equipment. Furthermore, the user authorizes Zeta Alpha to remotely wipe any devices accessing corporate data if the device is lost or stolen. Zeta Alpha expects users to notify the IT department when the loss or theft is recognized. 

  • Users must never interfere with the network, applications, or data. The IT department will manage technology solutions as deemed fit by the organization.
  • Passwords and other sensitive data should not be stored unencrypted on mobile devices.  
  • Users must never keep or store personal profiles on business resources, and all user credentials must be deleted at the end of each session.
  • Employees must report the retirement of a device from the network and bring it to the IT department for removing company resources mobile Device Management. 

Device Compliance

This stage verifies that a device possesses the necessary capabilities to offer an essential degree of security to protect our network and the data it contains. 

The information technology department will handle device connectivity to the organization’s network and verify that all corporate data moving to and from the device is set to meet standards for PHI encryption. Additionally, Zeta Alpha exercises extreme care with any device demanding access to business resources. They must always adhere to the security rules, even while connecting to non-corporate equipment. In the event of non-compliance, all network access rights will be immediately suspended to safeguard the company’s infrastructure.

Devises accessing company data:
  • Require a strong password to unlock 
  • Auto erases after ten failed entries
  • Screen lock after 5 minutes of inactivity
  • Remote wiping enabled and approved by the IT department
  • Encryption enabled and approved by the IT department
  • Antivirus software must be company-approved and installed on the device and additional networks devices it wishes to connect.

Mobile Device Management (MDM)

  1. Connecting a device to company resources requires Zeta Alpha’s IT department to set up the device following company policy and manage the device according to policy remotely.
  2. All devices connecting to company resources, either personal or owned by the corporation, require applications installed by the IT department. 
  3. IT managers may use the mobile device management system to remotely erase, monitor the position of, and lock mobile devices that access business data.
  4. A violation of Zeta Alpha’s mobile device management implementation will instantly disconnect from all corporate resources. In addition, there may be additional sanctions in line with the company’s overall security policy.

 Disciplinary action, including termination of employment and suspension of technology usage and connection rights, are all possible consequences of noncompliance with the Mobile Device Acceptable Use Policy.

If this policy is violated, the company’s immediate management or director will be notified and liable for remedial action.

Employee Certification

I, _____________________, have read and comprehended the above Mobile Device Acceptable Use Policy and agree to follow its regulations. I, _____________________, resolved Zeta Alpha of any responsibility arising from or in connection with remote wipe, remote lock, or remotely locate operations on my personal or supplied device.

___________________________________                _______________________________

Employee Signature                                                      Date

___________________________________           _______________________________

Manager Signature                                                        Date

___________________________________         _______________________________

IT Administrator Signature                                             Date

 

 

Previous    Home    Next