Brevard County (Florida)
Administrative Procedures
 

7540.08 - MOBILE COMPUTING DEVICE ASSIGNMENT AND USE PROCEDURE

The purpose of this procedure is to assign responsibility and provide procedures related to the use of mobile computing devices.

The Superintendent or designee is responsible for providing policy and procedural guidance for establishing, operating, and maintaining the Board's mobile computing device services. The considerable benefits gained by mobile computing to convey and process information quickly must be balanced by responsible use and security of these devices and the data that resides on them. Each user is personally responsible for protecting and properly using this equipment.

 A.Mobile Usage Requirements
  Utilization of mobile technology by District employees is encouraged for Board business. The following are mobile computing usage requirements:

  1.The device is assigned by school or department and made available for use as long as it is used for work-related activities requiring its use.

  2.The user is allowed to take the device home to work on school or District related activities.

  3.Only copies of software authorized by the Board are to be loaded on the device and may only be installed after proper authorization by department or school administration.

  4.Assignee is responsible for the appropriate use and care of the device and all associated equipment.

  5.Assignee will be required to present the device for inspection during the annual inventory audit of property owned by the school system.

  6.Assignee will exercise due diligence in safeguarding the device and associated equipment from loss, damage, and theft. This would include such precautions as storing the device in a locked cabinet when not is use, not leaving the device in a car, and properly securing during meetings/conferences. If it is found that due diligence was not exercised in keeping this property secured, assignee could be held financially responsible for the cost of replacement or repair (whichever is applicable).

  7.At the appropriate time for replacement, or at termination of employment (whichever occurs earlier), assignee will return the device to the department or school for reassignment or removal from active inventory, whichever is applicable. Assignee will not be held financially responsible for any repairs resulting from normal and ordinary use of such equipment.

  8.Assignee must read, understand, and sign Form 7540.08 F1 before receiving mobile computing equipment.

 B.Applicable Policies
  The user will follow all District AUP and internet/e-mail policies for staff (i.e., home, or out of office use should be as if the laptop was still at the District).

  1.AP 7540.04

  2.AP 7540.05

 C.Confidential Data
  This includes student records, any finance data, HR data, and SSN's must be protected at all times to prevent the unauthorized modification, disclosure, or destruction (i.e., encryption and strict use of access controls to include: family members or friends do not have the right to logon to this device at anytime for any reason) (i.e., home, or out of office use should be as if the laptop was still at the District).

 D.Personal Laptops and Other Mobile Devices
  Personal laptops or other non-approved servers, computers, mobile phones, Smart phones, PDA’s, USB drives, ipods, or any other mobile electronic devices are not allowed to be connected to the District network without Change Management approval as they increase the risk of a security incident (i.e., they must have approved OS (no Win 95/98, UNIX, Linux)). The OS must be patched to prevent the latest threats. Approved anti-virus must be installed and have the latest signatures. Finally, any home PC, USB device, mobile phone, PDA, or ipod can come into the District environment with any number of unknown issues, some of which include: spyware, worms, trojans, key loggers, botnets, peer to peer file sharing software, pornography, or any other illegal or unlicensed software. These items if not carefully controlled will circumvent the many enterprise wide and costly protection mechanisms that have been put in place to protect District data and information systems.

Approved 4/10/07
Revised 10/08