Cell phone security policy

[Matt Marmet <matt.marmet () ARMSTRONG EDU>]

Good Morning Everyone,



There has been some interest here at Armstrong in moving towards a cell
phone stipend model. We have discussed the pros and cons with our various
carrier reps and seem to have a clear understanding of them. However, there
is one concern that we have and that is security. If we move to this model,
all of the cell phones would be personal along with the billing plans. Our
initial reaction is to have something in place to be able to wipe the
devices clean in case of termination or a lost device. That way all email
and potentially other institutional data can be deleted. We use Google mail
for email and have heard of some options with that. I have 2 questions for
the list:



1)      What in particular are you doing about institutional information on
a private device (encryption, antivirus, etc.)?

2)      Do you have something in a policy about cell phone security and the
ability to wipe a device clean that I can take a look at?



I want to be able to set appropriate expectations for users so there is no
shock later when their device gets wiped or “reset”.



Thanks all. Have a great day.



Matt





----
Matt Marmet
Director of IT Security, CISO
Armstrong Atlantic State University
11935 Abercorn Street
Savannah, GA 31419
Desk: (912) 344-3528
Cell:  (912) 414-0684



Security Tip: No matter how authentic the request appears, if you are asked
in an email or via the phone to provide your password - it is a SCAM.


******* The ITS Team will NEVER, EVER, EVER ----- EVER ask for your

username and password via Email. Don't respond to any requests for
this information ******



"The lesson here is that anything that holds any data of any value must be
protected."