Docsity
Log inSign up
Docsity
Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity

Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan

Guidelines and tips
Guidelines and tips
Sell on Docsity
Sell on Docsity
Log inSign up

Prepare for your exams

Study with the several resources on Docsity

Find documents

Prepare for your exams with the study notes shared by other students like you on Docsity

Search Store documents

The best documents sold by students who completed their studies

Search through all study resources
Docsity AINEW

Summarize your documents, ask them questions, convert them into quizzes and concept maps

Explore questions

Clear up your doubts by reading the answers to questions asked by your fellow students

Earn points to download

Earn points by helping other students or get them with a premium plan

Share documents
download point icon20 Points

For each uploaded document

Answer questions
download point icon5 Points

For each given answer (max 1 per day)

All the ways to get free points
Get points immediately

Choose a premium plan with all the points you need

Study Opportunities

Choose your next study program

Get in touch with the best universities in the world. Search through thousands of universities and official partners

Community

Ask the community

Ask the community for help and clear up your study doubts

University Rankings

Discover the best universities in your country according to Docsity users

Free resources

Our save-the-student-ebooks!

Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors

From our blog

Exams and Study
Go to the blog

Information Security Standard for Mobile Computing Devices, Study notes of Mobile Computing

Edinburgh Napier UniversityMobile Computing

The information security standard for the use of mobile computing devices at the university, including definitions, registration, encryption, physical protection, access controls, remote disabling, erasure or lockout, and backups. The standard applies to all workforce members using mobile devices to access university information technology resources.

Typology: Study notes

2021/2022

Uploaded on 09/27/2022

aristocrat
aristocrat 🇬🇧

5

(5)

240 documents

1 / 3

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Information Security Standard 6.2a
Mobile Computing Devices Standard
Initially Approved: February 16, 2015
Revised: March 30, 2020 (as the Mobile Computing Devices Standard)
Standard Topic: Information Security
Administering Office: Office of the CIO
I. STANDARD STATEMENT
This standard operates under University Policy 117 Information Security. The use of
mobile computing devices to access University information technology resources
introduces different and increased risks than traditional stationary computers
do. One big difference is the use of personally-owned devices. This standard
addresses these risks and the steps necessary to reduce them.
II. SCOPE AND APPLICATION OF THE STANDARD
This standard applies to all university workforce members that use mobile computing
devices as defined in this standard and have access to University information
technology resources including wireless network access. This standard applies to any
mobile computing device whether it is owned by the university or otherwise.
III. DEFINITIONS
Mobile Computing Device (MCD) A portable computing device with Internet browsing
capability. This definition includes, but is not limited to, laptops and notebook
computers, tablet computers, smartphones and wearable computers.
Registered MCD - Registered MCDs are managed by the University in a way that makes
them more secure than un-registered devices.
IV. Mobile Computing Devices Standard
a. Compliance with other policies
MCD users must comply with:
i. All University and IT security policies, but specifically:
1. University 97 Data Security and Stewardship Policy and Data Handling
Procedures
pf3

Partial preview of the text

Download Information Security Standard for Mobile Computing Devices and more Study notes Mobile Computing in PDF only on Docsity!

Information Security Standard 6.2a

Mobile Computing Devices Standard

Initially Approved: February 16, 2015

Revised: March 30, 2020 (as the Mobile Computing Devices Standard)

Standard Topic: Information Security

Administering Office: Office of the CIO

I. STANDARD STATEMENT

This standard operates under University Policy 117 Information Security. The use of

mobile computing devices to access University information technology resources

introduces different and increased risks than traditional stationary computers

do. One big difference is the use of personally-owned devices. This standard

addresses these risks and the steps necessary to reduce them.

II. SCOPE AND APPLICATION OF THE STANDARD

This standard applies to all university workforce members that use mobile computing devices as defined in this standard and have access to University information technology resources including wireless network access. This standard applies to any mobile computing device whether it is owned by the university or otherwise. III. DEFINITIONS Mobile Computing Device (MCD) – A portable computing device with Internet browsing capability. This definition includes, but is not limited to, laptops and notebook computers, tablet computers, smartphones and wearable computers. Registered MCD - Registered MCDs are managed by the University in a way that makes them more secure than un-registered devices. IV. Mobile Computing Devices Standard a. Compliance with other policies MCD users must comply with: i. All University and IT security policies, but specifically:

  1. University 97 Data Security and Stewardship Policy and Data Handling Procedures
  1. University 93 Electronic Mail Policy for Non-Student Users
  2. University 52 Responsible Use of Information Technology Resources Policy ii. MCD Data Push Terms of Service (for those using it) b. Registration of mobile devices Because of the enhanced security controls which are enforced, MCDs which are registered (as defined above) and managed by the University are considered to be in the Medium Security Zone in the Data Handling Procedures, while unregistered MCDs are considered to be in the Low Security Zone. This differentiation determines which types of sensitive data can be stored on or accessed by the device. WCU-owned MCDs are automatically registered. Personally-owned MCDs that are set up to synchronize Email with the University MCD Data Push service are also considered registered. c. Encryption The Data Handling Procedures require the use of encryption for certain sensitive data. MCDs which are registered and managed by the University are considered to be in the Medium Security Zone and MCDs which are not registered or managed by the University are considered in the Low Security Zone. Refer to the Data Handling Procedures for guidance on what the encryption requirements are. MCDs which are utilizing the University MCD Data Push service are required to have the device’s built-in encryption enabled. d. Physical Protection Mobile devices must be physically protected against theft especially when left, for example, in cars and other forms of transport, hotel rooms, conference centers and meeting places. Devices carrying important, sensitive or critical business information must not be left unattended and, where possible, must be physically locked away, or utilize special locks to secure the devices. e. Access controls Care must be taken when using mobile devices in public places, meeting rooms and other unprotected areas. Protection must be in place to avoid the unauthorized access to or disclosure of the information stored and processed by these devices.