Personal Device Policy
XYZ Credit Union/Bank: Personal Device Policy
1. Overview
a. XYZ Credit Union/Bank allows employees to purchase and use their own smartphones, tablets, and laptops at work for their convenience. This privilege can be taken away at any time by XYZ Credit Union/Bank if employees do not follow the policies and procedures outlined below.
b. This policy is intended to protect the security and integrity of XYZ Credit Union/Bank’s data and technology infrastructure.
c. Employees wishing to use a device must obtain approval for the device from their supervisor and the IT department. Each device will require a separate approval. Upon successful approval the device can then connect to the network as outlined in section 4.
2. Acceptable Devices
a. Acceptable …show more content…
Once connected, the employee will be directed to a web page where they must agree to the acceptable use policy.
c. The employee will achieve monitored access to all available internet resources.
5. Security
a. In order to prevent unauthorized access, devices must be password protected using the features of the device. The password must follow the company’s strong password policy.
b. The company’s strong password policy is: Passwords must be at least seven characters in length and a combination of upper and lower-case letters, numbers and symbols. Passwords will be rotated every 90 days and the new password can’t be one of 5 previous passwords.
c. The device must lock itself with a password or PIN if it’s idle for five minutes.
d. Rooted (Android) or jailbroken (iOS) devices are strictly forbidden from accessing the network.
e. Smartphones and tablets that are not on the company’s list of supported devices are/are not allowed to connect to the network.
f. Smartphones and tablets belonging to employees that are for personal use only are/are not allowed to connect to the network.
g. Employees’ access to company data is limited based on user profiles defined by the IT department and automatically enforced.
h. The employee’s device may be remotely wiped if
i. The device is
1. Overview
a. XYZ Credit Union/Bank allows employees to purchase and use their own smartphones, tablets, and laptops at work for their convenience. This privilege can be taken away at any time by XYZ Credit Union/Bank if employees do not follow the policies and procedures outlined below.
b. This policy is intended to protect the security and integrity of XYZ Credit Union/Bank’s data and technology infrastructure.
c. Employees wishing to use a device must obtain approval for the device from their supervisor and the IT department. Each device will require a separate approval. Upon successful approval the device can then connect to the network as outlined in section 4.
2. Acceptable Devices
a. Acceptable …show more content…
Once connected, the employee will be directed to a web page where they must agree to the acceptable use policy.
c. The employee will achieve monitored access to all available internet resources.
5. Security
a. In order to prevent unauthorized access, devices must be password protected using the features of the device. The password must follow the company’s strong password policy.
b. The company’s strong password policy is: Passwords must be at least seven characters in length and a combination of upper and lower-case letters, numbers and symbols. Passwords will be rotated every 90 days and the new password can’t be one of 5 previous passwords.
c. The device must lock itself with a password or PIN if it’s idle for five minutes.
d. Rooted (Android) or jailbroken (iOS) devices are strictly forbidden from accessing the network.
e. Smartphones and tablets that are not on the company’s list of supported devices are/are not allowed to connect to the network.
f. Smartphones and tablets belonging to employees that are for personal use only are/are not allowed to connect to the network.
g. Employees’ access to company data is limited based on user profiles defined by the IT department and automatically enforced.
h. The employee’s device may be remotely wiped if
i. The device is