Laptop, Mobile Device and Removable Media Security Policy

This is a copy of our internal policy. We share it to help customers get a better understanding how how we work. The policy will get updated or improved from time to time. You’re welcome to give us feedback by sending an e-mail to security@small-improvements.com.

Small Improvements employees are provided with a laptop to perform their work duties. Most of our security practices are outlined in other documents and policies, this document is mainly an excerpt of the rules that apply to mobile and removable media devices specifically. Please refer to the security code of conduct, password policy, and general security policies for the broader picture.

Guidelines

  • All devices and removeable media have to be protected by a strong password that is not being used elsewhere by the employee.
  • All devices and removeable media have to be encrypted.
  • Firewalls have to be enabled, antivirus and antimalware products have to be enabled when available, and the operating system and browsers have to be updated continuously by the employee.
  • Devices need to get locked manually once the employee leaves them unguarded. Devices have to be configured so they automatically lock down and require re-entry of the password after at most 5 minutes of inactivity.
  • Sensitive data may only be stored on local or removeable devices for a long as necessary to perfom the desired work result, and has to get deleted thereafter.
  • Loss of any device needs to be immediately get reported to management of Small Improvements.
  • Any work-related documents created or edited on these devices remain the sole property of Small Improvements.
  • Any device that will be reused or disposed (laptop, USB stick etc) needs to be securely formatted before doing so.
  • Compay-owner laptop computers and mobile devices may be used for private usage within limitations. Our security code of conduct provides more detailed information.

Please also see our privacy policy.