°ÄÃÅ¿ª½±½á¹û

Policy 8 - Mobile Device Policy

1.0 Overview

Portable computing devices, including but not limited to Personal Data Assistants (PDA), Blackberry devices, iPhones, laptop/tablet computers, etc., are becoming increasingly powerful and affordable. Their small size and functionality are making these devices ever more desirable to replace traditional desktop devices in a wide number of applications. However, the portability offered by these devices increases the risk that information stored or transmitted on them will be exposed. 

°ÄÃÅ¿ª½±½á¹û allows personal mobile computing devices to be used for business purposes as long as those devices adhere to the guidelines as stated below.

2.0 Purpose 

The purpose of the °ÄÃÅ¿ª½±½á¹û Mobile Device Policy is to establish the rules for the use of mobile computing devices. These rules are necessary to preserve the integrity, availability and confidentiality of °ÄÃÅ¿ª½±½á¹û information. Any questions or comments about this policy should be directed to Information Systems.

3.0 Scope

This policy applies to students, faculty, staff or individuals external to MSU who own or operate a mobile device that communicates with °ÄÃÅ¿ª½±½á¹û’s equipment, networks or stores MSU data in any way.

4.0 Policy

Listed below are the minimum guidelines when using a mobile device. Users must also follow additional guidelines which are defined in the Mobile Device Standard.

  • °ÄÃÅ¿ª½±½á¹û sensitive data should not be stored on portable computing devices. However, in the event that there is no alternative to local storage, all sensitive °ÄÃÅ¿ª½±½á¹û data must be encrypted using approved encryption techniques and password protected.
  • °ÄÃÅ¿ª½±½á¹û sensitive data must not be transmitted via wireless communication to or from a portable computing device unless approved wireless transmission protocols along with approved encryption techniques are utilized.
  • All remote access to °ÄÃÅ¿ª½±½á¹û information resources must use a Murray State University approved communication channel (e.g., Virtual Private Network (VPN), and web-based access to resources provided using the web, etc.).
  • Computer systems not owned by °ÄÃÅ¿ª½±½á¹û that require network connectivity must conform to °ÄÃÅ¿ª½±½á¹û's information security policies and procedures.
  • All mobile computing devices must have approved virus and spyware detection/protection software along with personal firewall protection (where applicable).
  • Unattended portable computing devices must be physically secured.  

5.0 Enforcement 

Anyone found to have violated this policy may be subject to disciplinary action according to personnel policies and procedures. Students may be referred to Student Affairs for discipline. A violation of this policy by a temporary worker, contractor or vendor may result in action up to and including termination of their contract or assignment with °ÄÃÅ¿ª½±½á¹û.

6.0 Definitions

°ÄÃÅ¿ª½±½á¹û Network

Being connected to a °ÄÃÅ¿ª½±½á¹û network includes the following:

  • If you have a network capable device (ex. laptop) plugged into a °ÄÃÅ¿ª½±½á¹û owned building, then you are connected to the MSU LAN (local area network).
  • If you have a wireless capable device (ex. laptop, iPhone) and connect to MSUWireless or MSUSecure, then you are connected to the MSU WLAN (wireless local area network).
  • If you connect from a computer through the °ÄÃÅ¿ª½±½á¹û VPN (virtual private network), you are then connected to the MSU LAN (local area network).


Policy adopted:  02-25-2011
Revision adopted: 
Policy approval and adoption: °ÄÃÅ¿ª½±½á¹û President's Office and Information Systems Security

Take the next step

© °ÄÃÅ¿ª½±½á¹ûWe are Racers.