1.0 Purpose
The purpose of this policy is to ensure the security of information residing on workstations and mobile devices, as well as information that users can access through them.
This policy defines procedures and restrictions for all end-users with legitimate business use connecting mobile devices to Voyages Encore Travel Inc.’s corporate network, digital resources, and data. The Workstation and Mobile Device policy applies to, but is not limited to, all devices and accompanying media that fit the following classifications:
- Laptop/notebook/ultrabook computers
- Workstations
- Smartphones
- Other mobile/cellular phones
- Tablets
- Portable media devices
- Wearable computing devices
- Any other mobile device capable of storing corporate data and connecting to a network
2.0 Scope
- All Voyages Encore Travel Inc. employees, contractors and vendors with Voyages Encore Travel Inc.-owned or personal workstations and mobile devices connected to the Voyages Encore Travel Inc. network.
- Applications used by employees on their personal devices that store or have access to corporate data, such as cloud storage applications, are also subject to this policy.
3.0 Policy
Appropriate measures must be taken when using workstations and mobile devices to ensure the confidentiality, integrity and availability of sensitive information.
Voyages Encore Travel Inc. shall implement safeguards to restrict access to authorized users for all devices with access to corporate information.
Users shall consider the sensitivity of the information that may be accessed and minimize the possibility of unauthorized access.
3.1 Operational safeguards
The following operational safeguards shall be implemented:
- Devices shall be updated on a regular basis with the latest vendor software updates and a Voyages Encore Travel Inc.-supported OS.
- An encrypted password storage solution should be used if users store their passwords on the same device.
- Enable disk encryption for all devices accessing Voyages Encore Travel Inc.’s resources.
- Devices shall be configured with a secure password that complies with Voyages Encore Travel Inc.’s policy.
- Enable a password-protected screen lock with a short timeout period to ensure that idle workstations and mobile devices are protected.
- Only devices managed by IT or authorized by IT shall be allowed to connect directly to Voyages Encore Travel Inc.’s resources.
- Install and enable security features such as firewalls, anti-virus and anti-malware software.
- Restrict the use of USB (Universal Serial Bus) flash drives and other portable storage media in Voyages Encore Travel Inc. to prevent the introduction of malware and information leakage or data loss.
- Where applicable, devices shall be subject to the security and compliance rules such as encryption, password, key lock, etc. The IT department shall enforce these policies using Mobile Device Management (MDM) software whenever possible.
- Any attempt to bypass the MDM implementation will result in immediate disconnection from all corporate resources.
- All personal mobile devices attempting to connect to the corporate network through the internet shall be inspected by Voyages Encore Travel Inc.’s IT department.
- Devices that are not supported by IT, are not in compliance with IT’s security policies, or represent any threat to the corporate network or data will not be allowed to connect.
- If wireless network access is used, ensure access is secure by using the highest generally accepted wireless security encryption standard.
- Devices shall access the corporate network and data through the Internet using a Secure Sockets Layer (SSL) or Virtual Private Network (VPN) connection.
3.2 User Requirements
- Users shall only load corporate data essential to their role onto their workstations or mobile device(s).
- Users shall report all lost or stolen devices to Voyages Encore Travel Inc. IT immediately.
- If a user suspects that unauthorized access to Voyages Encore Travel Inc. data has taken place via a device, they shall report the incident in alignment with Voyages Encore Travel Inc.’s incident handling process. Voyages Encore Travel Inc. requires these incidents to be reported to the Encore Service Desk without fail.
- Devices shall not be “jailbroken” or “rooted” or have any software/firmware installed designed to gain access to functionality not intended to be exposed to the user.
- Users shall not load pirated software or illegal content onto their devices.
- Applications shall only be installed from official platform-approved sources (device stores). Installation of applications from untrusted sources is forbidden.
- Devices should be kept up to date with the manufacturer or network-provided patches.
- Devices shall be encrypted in line with Voyages Encore Travel Inc.’s compliance standards.
- Users should be cautious about the merging of personal and work email accounts on their devices. They must ensure that Voyages Encore Travel Inc.’s data is only sent through the corporate email system. If a user suspects that Voyages Encore Travel Inc.’s data has been sent from a personal email account, either in the body text or as an attachment, they must notify Voyages Encore Travel Inc.’s IT immediately at Encore's Service Desk.
- For mobile devices, the user is responsible for the backup of their personal data as Voyages Encore Travel Inc. will accept no responsibility for the loss of files due to a non-compliant device wiped for security reasons.
The above requirements will be checked regularly by users and the IT Team. Should a device be found non-compliant, the result will be loss of access to email or data, a device lock, or, in severe cases, a device wipe.
*** To jailbreak/root a mobile device is to remove the limitations imposed by the manufacturer. Jailbreak/root gives access to the operating system, thereby unlocking all its features and enabling unauthorized software installation.***
3.3 Physical Safeguards
Physical access to workstations and mobile devices shall be restricted to authorized personnel only. Employees shall prevent unauthorized viewing of information on a screen by:
- Securing devices (screen lock or logout) prior to leaving the area to prevent unauthorized access.
- Enabling a password-protected screen saver with a short timeout period to ensure that devices are protected when left unattended.
- Keeping food and drink away from devices in order to avoid accidental spills.
- Securing laptops that contain sensitive information by using cable locks or locking laptops up in drawers or cabinets.
- Ensuring that screens/monitors are positioned away from public view. If necessary, install privacy screen filters or other physical barriers to public viewing.
3.4 Mobile Device Management Remote Wipe
By connecting to Voyages Encore Travel Inc. technology resources, mobile devices gain the capability of being wiped remotely by the Voyages Encore Travel Inc. IT department.
When the user or the IT department initiates a remote wipe, the user’s mobile device will be wiped of all data and settings. Wiping data, documents, files, settings, and applications in the event a device is lost, stolen, or compromised in any way is critical to protecting our company and its confidential data.
Voyages Encore Travel Inc. recommends that users back up personal data frequently to minimize loss if a remote wipe is necessary.
A remote wipe will only be initiated if IT deems it appropriate. Examples of situations requiring remote wipe include, but are not limited to:
- A device that is lost, stolen or believed to be compromised
- A device that contains an app known to contain a security vulnerability
- A device that is not compliant with Voyages Encore Travel Inc.’s policy and/or does not grant inspection
- The device belongs to a user that no longer works with or has exited Voyages Encore Travel Inc.
- Termination of employment in which the user has not already cleared all Voyages Encore Travel Inc. data by another method approved by IT
3.5 Management and Administration
The Information Technology department shall ensure that workstations and mobile devices have all critical security updates patched and installed in a timely manner.