To establish security procedures for access to mobile devices thereby ensuring the reliability, accessibility, and security of such devices and the state network.
- A power-on password shall be used and shall at least be a 4-digit number
- Automatic device locking shall occur after five (5) minutes of inactivity
- When configurable, devices shall be disabled after ten (10) successive invalid sign on attempts. If a device becomes disabled, this means the device has all of its local information erased and it must be reconfigured to connect to the State’s servers.
Provide a standard for mobile devices.
This standard applies to all executive branch state agencies excluding the University Systems Office and other higher education institutions, i.e campuses and agricultural and research centers.
- Mobile Devices
- Personal digital assistants (PDAs) or smart phones that utilize the state network to perform synchronization.
- Power-on password characteristics have been established as minimum requirements. Agencies are encouraged to review the security needs of their specific programs, applications, and systems and enhance the power-on password requirements as necessary.
- Incoming and outgoing calls are allowed when locked.
Non-compliance with this standard shall be reported to the Office of the State Auditor.