1. 面包屑主页图标
  2. 人力资源
  3. 政策 & 程序
  4. 技术
  5. 移动通信设备
默认字体大小图标

移动通信设备

710.500移动通信设备策略

移动 computing 设备 are standard equipment in today’s computing environments. However, the portability offered by these 设备 increases the risk that information 储存或传播的信息将会暴露. 皇冠8868会员登录谷学院(WVC)允许 personal mobile 设备 to be used for business purposes as long as those 设备 遵循下面的指导方针.

A. 目的

The purpose of this policy is to establish best practices, procedures and protocols for the safe, secure and responsible use of mobile 设备 on 皇冠8868会员登录 Valley College 网络. 这 policy is necessary to preserve the integrity, availability and confidentiality of 皇冠8868会员登录 山谷学院数据 and its associated communications 网络. 这 policy addresses privacy, records retention, and stewardship of confidential state information by enhancing security and establishing employee responsibility and accountability in the use of mobile 设备 to access, transmit college data.

B. 一般

All communications records, documents, data, photos, etc. 曾担任大学校长 business and made via personally owned 设备, are subject to records retention requirements 以及公开披露要求. 个人设备的所有者可能会被要求 surrender their device, including personal and business-related information, if it falls within scope of a Freedom of Information Act request (FOIA) or other types of 诉讼将.

C. 范围

这 policy applies to all mobile 设备 that connect to any 皇冠8868会员登录 Valley College data 网络 and related services to conduct legitimate business activities.

  1. College Owned: 这 policy applies to all staff, faculty and students who operate a 皇冠8868会员登录 Valley College owned mobile device that communicates with 皇冠8868会员登录 Valley College data 网络, downloads, stores data from 皇冠8868会员登录 山谷学院数据 storage 系统和服务.
  2. Personally Owned: 这 policy applies to 皇冠8868会员登录 Valley College staff, faculty, students and 3rd parties who utilize personal 设备 that hold/transmit 皇冠8868会员登录 山谷学院数据.

D. 豁免

There are no exemptions to this policy unless for valid business reasons.

  1. 豁免及审批要求:
    1. Exemption approvals require authorization by the WVC 总统, Vice 总统, Deans 或部门指定人员.
    2. Exemptions are documented, reviewed at least annually for validity and relevancy.

E. 执行

工作人员 members found in policy violation may be subject to blacklisting of their personal 设备, loss of computing privileges, disciplinary action up to and including termination.

F. 分布

这 policy is to be distributed and readily accessible to all 皇冠8868会员登录 Valley College 雇员、学生、承包商、志愿者等.

Renamed/revised and approved by the president’s cabinet: 9/16/08, 1/6/09, 2/5/13, 10/18/22
Adopted by the board of trustees: 10/10/01, 11/19/08, 2/18/09, 2/20/13, 11/16/22
最后一次审查:11/16/22
政策联系人:技术

Related 政策, procedures and related references
1710.500移动通信设备程序
公共记录法案RCW 42.56
Washington State Office – Chief Information Officer

1710.500移动通信设备程序

A. 一般

皇冠8868会员登录 Valley College (WVC) mobile communications 设备, and associated telecommunications contracts, and services, are managed by the technology department.

移动 设备 owned by 皇冠8868会员登录 Valley College or personally owned that access WVC data 网络, systems, applications, services or data repositories, hosted by college systems or hosted in college managed cloud services, or third- party cloud service 提供程序受此过程的约束. Applications, including cloud storage software/services, used by staff on their own personal 设备 are also subject to this procedure. 移动 设备 purchased by 皇冠8868会员登录 Valley College will be automatically registered with technology department college mobile device enrollment services. 个人移动设备 that require access to college data and 网络 must abide by these procedures.

The following general procedures and protocols apply to the use of all mobile 设备:

  1. All mobile 设备 must be protected with a password, PIN code, biometric method (facial recognition, fingerprint) at the time the device is enrolled into WVC mobile device enrollment services and continue as long as the device has access to WVC数据.
  2. 移动 device passwords/PIN codes must meet the requirements outlined in the 皇冠8868会员登录 山谷学院访问控制和密码政策.
  3. All college data stored on mobile 设备 shall be encrypted.
  4. All mobile 设备 will utilize the most secure wireless encrypting standards; security and access protocols shall be used with all wireless network connections.
  5. All mobile device users shall refrain from using public or unsecured network connections 发送/接收大学数据. All mobile 设备 used to connect to college 网络 shall be registered with the appropriate mobile device management (MDM) role approved 由WVC技术部.
  6. All mobile computing 设备 that access WVC 网络 shall have active and up-to-date anti-malware/virus protection and firewall protection software installed.
  7. All mobile 设备 shall have locations services enabled. 都丢了,被偷了,毁了 or compromised mobile 设备 or mobile 设备 that have been identified as threats to WVC 网络 or data will lose access to college data and 网络.
    1. Temporary loss – device must be remediated and meet device health baselines.
    2. Permanent loss – employee separation, risk management assessment or other circumstances.
  8. WVC 技术 Department reserves the right to terminate access to any device without 事先通知设备所有者.
  9. All mobile 设备 and applications shall be kept up to date.
  10. Operating system and application patches shall be installed within 30 days of release.

B. 用户设备职责

The following procedures and requirements shall be followed by all users of mobile 设备:

  1. WVC employees shall immediately report any lost, stolen, destroyed or compromised device in any way or form to the 皇冠8868会员登录 Valley College Information 技术 (IT) 帮助台.
  2. 给IT帮助台发邮件至helpdesk@wvc.Edu或致电509-682-6550寻求帮助
  3. Unauthorized access to a college owned or personal mobile device or unauthorized access to college data must be immediately reported to WVC IT 帮助台.
  4. 个人移动设备 shall not be “rooted, jail broken” or have software/firmware installed that could pose a risk to college data stored on the device.
  5. Users shall not load illegal content or pirated software onto any mobile device accessing 大学网络或数据.
  6. Only WVC IT approved applications are allowed on college owned mobile 设备.
  7. College provided/approved applications will be updated on a regular basis per WVC 资讯科技政策及标准.
  8. Device security health baselines will be enforced on all 设备.
  9. Users shall use WVC approved data sharing systems or services when sending or receiving WVC数据.
  10. Users are responsible for ensuring all important files stored on the mobile 设备 是否定期备份.
  11. Users shall not modify or attempt configurations without express written authorization 来自WVC技术人员.

C. 行政责任

The 皇冠8868会员登录 Valley College 技术 Department staff and/or 移动 Device Management 服务 or their designee are responsible for the following:

  1. Ensure employee/student personal data remains secure at all times.
  2. Reserves the right to block personal 设备 that are determined to pose a threat to college 网络, services and data, pending remediation by the device owner, or 这违反了移动设备的要求.
  3. Reserves the right to permanently block a personal device if remediation efforts by the owner are not satisfactory, timely or technology staff determine the device continues to pose a security threat to college 网络 and data.
  4. 移动 device management (MDM) enterprise mobility software will be used to enforce common security standards and configurations on 设备 such as:
    1. 自动锁定与PIN或密码强制.
    2. PIN和密码复杂度强制执行.
    3. Remote wipe enabled to lock or wipe a lost or stolen device.
    4. Full wipe of college owned 设备 upon employee separation.
    5. 部分擦除个人设备(大学数据).e.,电子邮件,团队聊天等.).
    6. 强制使用安全通信协议.
    7. Ensure college-owned apps are maintained and up to date.
    8. 应用程序隔离.
    9. 地理围墙.
    10. 设备运行状况和安全基线.
  5. Specific configuration settings shall be defined for malware protection software to ensure that that this software is not alterable by users of mobile and/or employee-owned 设备.
  6. Annual security training is provided to users of mobile 设备. 内容与形式 of that training shall be decided by 皇冠8868会员登录 Valley College or designee. 周期 security reminders will be used to reinforce mobile device security procedures and 其他最佳实践.
  7. 移动 device management software is used to manage risk, limit security issues, and reduce costs and business risks related to mobile 设备. 该软件应包括 盘点、监控(e)能力.g.(应用程序安装),发出警报 (e.g., disabled passwords, categorize system software operating systems, rooted 设备), 并发布各种报告(e.g.、安装的应用程序、运营商).
  8. 移动 device management software shall include the ability to distribute applications, data, and global configuration settings against groups and categories of 设备.
  9. Perform yearly reviews at a minimum and updates of security standards and procedures 用于移动计算设备.
  10. Establish procedures, workflows, memorandum of understanding(s), to manage and document requests for exemptions and deviations from these procedures.
  11. 移动 device management software shall terminate device access when an employee separates 并对设备进行数据擦除。.
  12. Implement technical processes and measures to strictly limit and control access to sensitive data moving to and from mobile computing 设备.

D. 审计控制和管理

  1. Documented procedures and evidence of practices shall be available upon request for this procedure and accessible as part of WVC 政策 and procedures website. 令人满意的 证据和遵守的例子包括:
    1. Documented quarterly spot user checks for compliance with mobile device computing 政策.
    2. Readily available processes and procedures for staff use of mobile 设备.
    3. Configuration and support guidelines and procedures for mobile 设备.
    4. Communication and device logs of attached units showing appropriate management, compliance 监控协议已经就位.
    5. Anecdotal and archival communications showing regular implementation of the procedure.

Approved by the president’s cabinet: 9/16/08, 1/6/09, 2/5/13, 4/25/23
最后一次审查:4/25/23
皇冠8868会员登录:技术支持

相关政策及程序

710.500 移动通信设备策略
大学访问和密码政策