Castlewood
asked on
What security policy should be included in Cellular Phone Policy?
My company is going to reimburse employees monthly for having their smart phones to receive/send company emails. At the same time, the company is pondering the security issue.
Can you share or recommend what security policy should be in place for the employees to follow while doing company emails on their personal device? For example, password to get in the mobile device, etc.
Can you share or recommend what security policy should be in place for the employees to follow while doing company emails on their personal device? For example, password to get in the mobile device, etc.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
We do have Exchange server but what kind of control we could have, other than login credential to email account?
Basically our case could be more complicated since the phones are personal owned while company just reimburses the monthly cost of usage. The phones are not managed by the company at all.
First of all, company requires the phones with access to company emails need to have a password protection, which seems the basic.
Then, company requires users need to report to company IT department as soon as their phones got stolen or lost. But look, what the company IT can do? The only thing they can do is change the user's password of email account. Correct?
The most shaky one is require users who get phones stolen or lost to remotely wipe out all the data. Again, the company doesn't have control of the peronal phones so it will be the users' responsbility to remotely wipe out data. Is it feasibile? What can the company do in the event of lost/stolen pohones which are personal owned but access to company emailing. Please comment.