Article 45 – Information Security
49020.9.9 Mobile Computing and Storage Devices
-
All mobile computing and storage devices that access the CDCRCalifornia Department of Corrections and Rehabilitation network and/or store CDCRCalifornia Department of Corrections and Rehabilitation data must be compliant with CDCRCalifornia Department of Corrections and Rehabilitation Information Security Policies and Standards. In regard to mobile computing and storage devices, the following provisions shall be followed:
-
High Risk Confidential Information on any stored on mobile computing and storage devices must be encrypted;
-
Any and all mobile computing devices used within the CDCRCalifornia Department of Corrections and Rehabilitation information and computing environments must meet all applicable CDCRCalifornia Department of Corrections and Rehabilitation encryption standards. Mobile computing devices shall be tracked in an information assets inventory;
-
CDCRCalifornia Department of Corrections and Rehabilitation information security policies applicable to desktop or workstation computers apply to mobile computing devices;
-
Employees will delete information from their portable device or portable storage media once it is no longer needed;
-
All CDCRCalifornia Department of Corrections and Rehabilitation laptops shall connect to the CDCRCalifornia Department of Corrections and Rehabilitation network at a minimum of 42 days or another designated time frame to receive updates;
-
Personal long distance calls shall not be made from state-issued handheld devices except as authorized in DOMDepartment Operations Manual Chapter 1 Organizational Structure, Article 12 – Telephones, Facsimiles, and Cellular Type Telephones.
-
Personal local calls shall not be made from state-issued handheld devices except as authorized in DOMDepartment Operations Manual Chapter 1 Organizational Structure, Article 12 – Telephones, Facsimiles, and Cellular Type Telephones.
-