The URL can be used to link to this page

Home My WebLink AboutF12.0 Mobile Computing and Storage Devices �'l3llRl�ll `Y 111CJ- 1' E A S CITY OF GRAPEVINE ADMINISTRATIVE POLICY SUBJECT: MOBILE COMPUTING & SECTION: F NUMBER: 12.0 STORAGE DEVISES PREPARED BY: Information Technology REVISED DATE: 02/01/2014 PAGE: 1 of 3 PURPOSE 12.1 The purpose of the Mobile Computing and Mobile Storage Devises policy is to establish an authorized method for controlling mobile computing and storage devices that contain or access information resources at the City of Grapevine. With advances in computer technology, mobile computing and storage devices have become useful tools to meet the business needs for the City. These devises are especially susceptible to loss, theft, hacking, and can be used anywhere. As mobile computing becomes more widely used, it is necessary to address security to protect information resources at the City. POLICY 12.2 This policy includes City of Grapevine employees, consultants, vendors, contractors, students, and others who use mobile computing and storage devices on the network for the City. 12.3 It is the policy of the City of Grapevine IT department that mobile computing and storage devices containing or accessing the information resources at the City of Grapevine must be approved prior to connecting to the City network. This pertains to all devices connecting to the City's network, regardless of ownership. 12.4 Mobile computing and storage devices include, but are not limited to: o Laptop computers o Personal digital assistants (PDAs) o Plug-ins o Universal serial bus (USB) port devices o Compact discs (CDs) o Digital versatile discs (DVDs) o Flash drives o Modems o Handheld wireless devices o Wireless networking cards o Smart phones o PC tablets �'l3llRl�ll `Y 111CJ- 1' E A S CITY OF GRAPEVINE ADMINISTRATIVE POLICY SUBJECT: MOBILE COMPUTING & SECTION: F NUMBER: 12.0 STORAGE DEVISES PREPARED BY: Information Technology REVISED DATE: 02/01/2014 PAGE: 2 of 3 12.5 Any other existing or future mobile computing or storage devices, either personally owned or City owned, that may connect to or access the information systems at the City of Grapevine must have prior approval before connecting to the City network. 12.6 Mobile computing and storage devices are easily lost or stolen, presenting a high risk for unauthorized access and introduction of malicious software to the network at the City of Grapevine. These risks must be mitigated to acceptable levels. 12.7 SENSITIVE DATA City of Grapevine information that is considered sensitive may not ever be copied to any mobile computing or mobile storage device for any reason. Sensitive information includes but not limited to any personal account information that is useable for identity purposes, all information that falls under the jurisdiction of the HIPPA regulations, all Police information that falls under the jurisdiction of Texas DPS and federal criminal justice information regulations. When necessary remote access to sensitive data will be done through a VPN tunnel and remote desktop techniques where the data never leaves the City network. Sensitive data is never to reside on a mobile computing or mobile storage device under any circumstances. 12.8 PASSWORDS AND SYSTEM INFORMATION Employee Password information is not allowed to be copied to any mobile computing or mobile storage device. Unless stored in a password protected fully encrypted format where the password is a minimum of eight characters and contains at least one numeric and one special character. 12.9 DATABASE INFORMATION Unless written approval has been obtained from the IT Director, databases or portions thereof, which reside on the network at the City, must not be copied to mobile computing or mobile storage devices. 12.10 VIRUS PROTECTION All laptop computers must have a current Virus scanning engine and current pattern �'l3llRl�ll `Y 111CJ- 1' E A S CITY OF GRAPEVINE ADMINISTRATIVE POLICY SUBJECT: MOBILE COMPUTING & SECTION: F NUMBER: 12.0 STORAGE DEVISES PREPARED BY: Information Technology REVISED DATE: 02/01/2014 PAGE: 3 of 3 file before ever connecting to the City of Grapevine network. This includes direct connections and VPN connections. 12.11 LOSS OR THEFT REPORTING Any loss or stolen mobile computing or mobile storage device should be reported to IT immediately. Include an inventory of any significant data that was residing on the device. 12.12 USING WIFI Personal laptop computers are not to be connected to City Public WIFI in City buildings. 12.13 RETURN OF CITY EQUIPMENT (PROPERTY) 12.13.1 Any City employee with a City paid mobile device (cellular, smart phone, laptop, tablet, etc) leaving the City must turn in all such related equipment to their respective City supervisor. Those desiring to keep their City paid cellular telephone number may keep it provided they fill out the City's Transfer of Financial Responsibility form from the IT department. 12.13.2 Public Safety employees desiring to keep their City paid cellular telephone number may keep it provided they fill out the City's Transfer of Financial Responsibility form from Police Technical Services. 12.14 CONNECTION STORAGE DEVISES 12.14.1 When connecting a storage devise; i.e. thumb drives, to a computerthe device must be immediately virus scanned before any data is accessed.