A Mobile Computing Policy covers Laptop, PCs, Personal Digital Assistant (PDA) and lets not forget about the wonderful iphones. Employees should be instructed to not use their personal computing devices (iPhones)to access the Bank’s network unless specifically approved by the IT department or some committee/board level approval. Mobile devices should have proper AV software with a control management solution in place to prevent lost of data due to theft or loss. Laptop risk is easily mitigate with some form of hard-drive encryption.

Mobile Computing Device Users must sign some form of acknowledgment to ensure that the proper usage and restrictions are understood by the user(s). Proper patch management is also a key for all laptops that are issued for remote usage. Ensuring that these mobile machines are patched accordingly will greatly reduce the chance of network workstation corruption once the mobile device is reconnected locally to the network. Basic Mobile Device Policy guidelines include:

1.Users are not allowed to install any additional software or hardware on any laptop without approval from IT.

2.Mobile computing devices used for any Network or Internet access (i.e., laptops) shall include installed up-to-date antivirus software.

3.Users must take all reasonable steps to protect against the installation of unlicensed or malicious software. Executable software must be validated and approved by IT before being installed.

4.Users must take reasonable steps to provide for physical security of the device.

5.If a mobile computing device is lost or stolen, the Data Security Officer and appropriate law enforcement agencies must be contacted immediately