Mobile Device Management Policy Development

DIGIGUARD can create a mobile device management policy for your SMB. Mobile device security is a critical step in an overall IT security policy to reduce risk and protect data assets. Our consultants will create a comprehensive document that addresses multiple aspects of your company’s unique mobile device needs. Our cybersecurity experts will help your business comply with industry regulations and best practices for data privacy and security. We include policy for mobile devices used to store company data and connect to networks including:

• Cell phones
• PDAs
• USB applications
• Laptops, notebooks, tablets
• Personal computers used for company access

Mobile Device User Policies

Our consultants help define standards, procedures, and restrictions for end-users who have specific and authorized needs to access company data from a mobile device. Data security is not optional, so we include specific user access rules to help protect your business from legal and compliance risk as well as data compromise. DIGIGUARD creates policies that address your industry’s specific regulatory or compliance restrictions. We integrate and align device policy with your overall information security policy framework.

Whether devices are company-owned or bring your own device (BYOD) items, your staff need to understand that you will be installing security protection on their devices and that adhering to policy is a condition of access to company data. We will help you present the terms of this access and the consequences of non-compliance. When rolling out policy for the first time, we gather input from your teams to understand what they need from their mobile business devices and gain buy-in by assuring them regular policy reviews to address evolving technology and security concerns. Here are some of the end-user policies we address:

• Device setup, support and repairs
• Updating requirements
• Social media and explicit content restrictions
• Privacy expectations
• Using protected and secure WiFi connections
• Protecting, storing and segregating personal data
• Camera, audio and video recording
• Loss, theft and reporting requirements
• Employment separation and device surrender
• BYOD stipends, reimbursement and compensation per state and federal rules

Device Data Protection Policy

DIGIGUARD will include data security protection items to your device policy document. Increasing data privacy and protection compliance regulations mean your policies need to be firm and clear to prevent data theft and exfiltration. Preventing breaches, especially in highly regulated industries such as healthcare and finance, may require additional security policies such as requirements for:

• Robust encryption tools for data in transit
• Remote auto wiping
• Autolock options
• Minimum PIN length
• Disabling and blocking of features
• Personal data backup responsibilities
• Authentication requirements
• Technology associated risk acceptance
• Non-compliance actions

Mobile Device Technical Policy

Mobility maximizes productivity for employees who require immediate and frequent contact with co-workers, clients or partners. Devices should only be approved where the productivity gains outweigh the costs and risks to support and manage the devices. DIGIGUARD will include technical security provisions for both employees and IT management in your mobile device policy document to help your business address and manage additional security management risks. Our cybersecurity experts will suggest which control rights your business should retain for mobile device use. We will include rules for:

• Accessing apps and data from untrusted devices and locations
• Passing data between devices
• Unauthorized user attempts at data access
• Offboarded users with BYODs
• Lost or stolen devices
• Network secure access outside business hours
• BYOD data rules
• Passwords, device idle time and verification credentials
• Sharing sensitive content into unprotected email systems
• Email attachments or web links with sensitive data
• OS updates, security scans
• Restriction of rooted devices
• Blocking or removal of specific applications
• Backup and configuration requirements
• Mandatory location services
• Anti-virus and anti-spyware
• WiFi and geofencing
• Inventory process for devices, data and applications

Mobile Device Policy Strategy

DIGIGUARD will help your employees understand your company’s acceptable use policies before they access your network. We will help you let employees know that security compliance is a condition of their employment. We will identify which users need access to company-wide data for productivity and which employees need simpler or limited access. We can suggest and implement additional services for your business, such as virtual phone services or mobile management platforms. Our team of experts can revisit your policy annually to ensure compliance with changing regulations and industry trends.

Contact DIGIGUARD today to put a mobile device management policy to work at your business.