Política de segurança de dispositivos móveis
Using this policy
One of the challenges facing IT departments today is securing both privately owned and corporate mobile devices, such as smartphones and tablet computers. This example policy is intended to act as a guideline for organizations looking to implement or update their mobile device security policy.
Feel free to adapt this policy to suit your organization. Where required, adjust, remove or add information according to your needs and your attitude to risk. This is not a comprehensive policy but rather a pragmatic template intended to serve as the basis for your own policy.
Background to this policy
The most common challenge is that users do not recognize that mobile devices represent a threat to IT and data security. As a result they often do not apply the same security and data protection guidelines as they would on other devices such as desktop computers. The second challenge is that when users provide their own devices they often give greater weight to their own rights on the device than to their employer’s need to protect data.
This outline policy gives a framework for securing mobile devices and should be linked to other policies which support your organization’s posture on IT and data security.
Example policy 1. Introduction
Mobile devices, such as smartphones and tablet computers, are important tools for the organization and their use is supported to achieve business goals.
However mobile devices also represent a significant risk to information security and data security as, if the appropriate security applications and procedures are not applied, they can be a conduit for unauthorised access to the organization’s data and IT infrastructure. This can subsequently lead to data leakage and system infection.
<Company X> has a requirement to protect its information assets in order to safeguard its customers, intellectual property and reputation. This document outlines a set of