What to Include in a Mobile Device Policy?

30 January 2012
2 minute read
Martin Thompson
Best practice

What to Include in a Mobile Device Policy?

30 January 2012
2 minute read
Martin Thompson

If you want to develop a policy for the management of mobile devices in your organization – what should be included? What is in scope?

I’m assuming that a mobile device policy is an extension of a general IT or acceptable use policy and is likely to include, phones, smart phones, PDAs, scanners, tablets and other mobile devices.

I have included some ideas below – is there anything I’ve missed here?

Business Justification

  • Requirement – when do staff get issued a phone or mobile device? Which circumstances? What justification?
  • Jurisdiction  – Is it a company-supplied device with company contract, a company-financed device with personal contract or outright personal device?
  • Sharing – Is it a shared or pooled device or allocated to one individual?
  • Device Choice – Do different types exist depending on circumstances e.g. smart phone or regular phone?
  • Internal Costing – How will the cost be internally charged? What happens if the device is surrendered before the end of the minimum contract term?

Mobile Asset Lifecycle

  • Security Register – Will the device be logged on a third party security register in the event of loss?
  • Device Recovery – How is a device recovered when a member of staff leave or no longer require a device?
  • Damaged Handsets – How are they handled, how are replacements managed? Insurance?
  • Device Asset Register – Phone Number, Device, International Mobile Equipment Identity (IMEI), Owner etc.
  • Loss or Theft
  • Handset Recycling / Sustainability

Acceptable Usage

  • Data Allowance, Data Roaming and Management Thereof
  • International calls and international data
  • How is usage monitored?
  • Call Barring
  • Personal Calls /Usage
  • Data Storage – e.g. MP3 storage? data backup?

IT Governance

  • User Privacy
  • Configuration Settings (e.g. should internet be routed through a corporate proxy)
  • Signature file
  • Dropbox or other other corporate data / Intellectual property controls
  • Skype policy
  • Usage whilst Driving or otherwise occupied
  • Health Advice
  • Social media policy
  • Email use
  • Server / network access policy
  • Auto-Lock policy
  • Apps – purchase of, use of, ownership, data usage, privacy settings etc.

Is there anything else to add here? Please leave a comment below or contact me directly. Thanks.

About Martin Thompson

Martin is the founder of ITAM Forum, a not-for-profit trade body for the advancement of IT Asset Management.

He is also the author of the book "Practical ITAM - The essential guide for IT Asset Managers", a book that describes how to get started and make a difference in the field of IT Asset Management. In addition, Martin developed the PITAM training course and certification.

Connect with Martin on LinkedIn.

Subscribe

Can’t find what you’re looking for?

More from ITAM News & Analysis

Subscribe

Subscribe to the ITAM Review newsletter.
Subscribe

Software Licensing Training

On-demand and live training for ITAM, SAM and Software Licensing professionals.
Visit LISA

Similar Posts