Mobile Device Responsibilities
With the goal of protecting the security of College networks, institutional data, and Personal Identifiable Information (PII), this policy will define standards, processes, and procedures for College employees who:
- Have been provided mobile devices by the College for job related functions. Mobile devices may include, but is not limited to: laptops, phones, tablets, or any portable device.
- Are using personally owned mobile devices to connect to, or to retrieve or store College resources and data.
This policy applies to permanently assigned College owned devices as well as loaner devices. In addition to the terms and conditions below, employees must agree to abide by the terms in the Technology Use Policy and Procedures document.
College owned devices
- Devices owned by the College are tagged and tracked in an inventory system and are subject to periodic recall for audit and maintenance purposes. The College reserves the right to install software which will allow for asset tracking and destruction of College data in the event of loss or breach. Users shall not remove or alter the inventory tag or attempt to modify any auditing software.
- Users may not jailbreak, root, re-image, remove, or otherwise bypass any operating system, software, or antivirus or security configurations of the device.
- All devices which access College resources must be protected using a strong password or pin number as defined by the Technology Use Policy and Procedures document.
- Employees who have access to PII or sensitive data should never download or store it on a mobile device.
- Users are responsible for the physical security of the device.
- IT is responsible for installing and maintaining the equipment, including antivirus software, system updates, and security configurations.
- Users understand that loss of data may occur due to software or hardware crashes, malware, or viruses which may also render the device unusable.
- Off-campus access to College data and campus resources is available through a VPN (virtual private network) session. Guidelines and procedures are found in the Remote Access section of this document.
- The user must immediately report to the IT Department any incident or suspected incident of unauthorized device access, loss, or theft.
- In extraordinary cases, an Office 365 system administrator from the IT department will initiate a remote wipe when the Chief Technology Officer has determined PII or confidential information can be compromised.
Non-College Owned Devices:
- IT will allow access to institutional resources (Outlook, OneDrive) by personally owned mobile devices.
- On-campus access to College resources and data on campus is made via a physical or wireless connection. This access is controlled via network policy. Descriptions of these networks and procedures to access them is defined in the Wireless Network section of this document.
- IT will not directly support hardware or software issues on user-owned devices.
- IT can only provide limited support with connectivity or configuration relating to access of College resources.
- IT may remotely remove stored College emails and documents stored on the device. In extraordinary cases, an Office 365 system administrator from the IT department will initiate a remote wipe when the Chief Technology Officer has determined PII or confidential information can be compromised.
All users must acknowledge that they have read and agreed to the complete Technology Use Policy and Procedures to access services and systems on the FCC network.