The cell phone policy of a company is merely a list of rules and guidelines that explain the dos and don’ts of using a cell phone in a work environment and during working hours. For the specific purpose of this policy, a cell phone can be defined as any device that is used to make or receive calls, send or receive media content, browse the internet or download files. This also includes company provided cell phones and any other smart devices capable of performing the same functions.
The inappropriate use of cell phones can result in risk exposure as well as loss of information for the company. This can potentially lead to damaging consequences. For a company, one of their primary resources are their employees, and a majority of them have a cell phone. Since cell phones play a vital role in the employees’ personal as well as professional lives, it is essential to document clear rules and regulations that allow for fair usage without compromising company security.
The primary audience for this document is:
- Small business owners who are in charge of employee management
- HR departments of small, medium or big size companies
- Policy owners or departments who are in charge of framing essential guidelines for their companies
It is a good practice to start by defining the boundaries of the policy. Most common criteria to determine the range include the type of the company, the industry which it operates in, the size of the company and the strength of employees. Another common practice is to segment the policy and customise it based on the seniority level of employees. While policy guidelines for personal phones are necessary, it is useful to have a separate section for company provided phones.
Template Structure and Design
It is recommended to divide the entire policy into various sections. Each section should contain a brief description of the area of the cell phone policy that you want to cover. It is recommended to use a bullet point guideline or a checklist containing questions that help in capturing all the significant points. It is a standard practice to use a word document to record the entire physical security policy of your organisation.
It is also a good idea to have a separate page which contains information such as the version of the cell phone policy, last audit date, department or individual responsible for the ownership of the document, single point of contact and other necessary information. More details can be added later as per requirement.
Now that the scope and basic structure is in place let’s talk about the various sections that you need to include as a part of the cell phone policy for your company. Along with brief explanations, we have also provided some examples of the policy statements you can use for each segment.
Use of Personal Cell Phones
This section deals with the company guidelines and regulations for the personal cell phones of employees. Since all employees have their phones with them all the time, it is vital to inform them of the security risks that arise due to irresponsible usage. Additionally, a workplace environment should be a place for productivity and creative thinking. It is essential to lay down the rules that prevent other employees from getting disturbed or distracted because of inappropriate cell phone usage.
Listed below are various subsections and examples of policy guidelines that can be included in the template.
Personal Cell phones for business purposes: Clear rules regarding the company policy on use of personal phones for business requirements should be highlighted here. It is essential to bifurcate between the dos and don’ts of cell phone usage.
- The method of personal cell phones for business purposes should be strictly limited to “on necessary need” basis only.
- The company would provide the appropriate reimbursement for business related calls from personal devices only if the employee provides the relevant proof as per the refund policy.
- All necessary phone calls made for business purposes should strictly follow professional standards of conduct and decency.
Personal Cell phones for personal use: This section should highlight guidelines regarding the use of cell phone during working hours for personal reasons.
- The method of personal cell phones for personal reasons should be limited to absolute necessity basis and only for matters that require immediate attention.
- The employees should avoid the use of personal cell phones for activities that disturb fellow employees or violate the decorum of the office environment.
- Employees are encouraged to use own cell phones in cases of legitimate security concerns.
Use of Company provided cell phones
Some companies provide their employees with a cell phone to use for business-specific calls and requirements. Since these phones are the company’s assets, it is important for the company to lay down specific rules and guidelines for their use. These policies inform the employees regarding the right usage of the company provided phones but more importantly informs them about the disciplinary actions in case of policy breach.
- The company provides cell phones only to those employees whose job roles require them to discuss business related matters on a daily basis.
- The company holds the right of discretion to provide cell phones to its employees as it sees fit
- Company provided cell phones like all other company assets are to be used strictly for business communications only
- Employees need to follow the rules for domestic and international calls as well as the data plans according to company policy and do it “on need” basis.
- Employees need to maintain discretion and keep the personal usage to a minimum while using company provided cell phones
- In case the company provided cell phone be lost, stolen or damaged, the employee should immediately inform the supervisor and update the record
Security Policies on cell phone usage
Cell phones are essentially media devices and can be used to carry sensitive and confidential information outside the company premises. This activity exposes the company to multiple risks and threats which can eventually lead to a huge loss or disruption in business processes. Especially, the company needs to document guidelines related to photography and videography and communicate it to the employees to avoid any unwanted activity.
- Employees should avoid using the cell phones for any unethical, illegal, disruptive or unprofessional activities that jeopardise the company or business in any way.
- Employees should avoid photography or videography in prohibited areas inside the company campus as well as in workspaces.
- Employees should ensure that no sensitive information is being recorded and sent to third parties without prior approvals
Access Control for cell phones
Many times, a company or an organisation is working in collaboration with other clients and hence is responsible for the protection of client information. In these situations, access control becomes very important, and the company should enforce strict cell phone policies. Additionally, many companies have their IP and Innovation centres where they work on proprietary products and processes. This kind of information is compassionate, and the company should protect it from hostile sources who try to steal it or corrupt it.
- Employees would be allowed to take their cell phones inside specially protected areas like IP & Innovation centres and Client dedicated Centres
- Employees would be permitted to carry cell phones inside specially protected areas only with prior approvals and permits from the appropriate authority
Cell Phone Policy for Third Party Agents
Almost every company has to interact with third-party agents like contractors, agencies or part-time workers. This means that external people who are not core employees of the company enter the premises from time to time. It is vital to have stringent rules and guidelines in place for dealing with cell phones of these third-party agents. The scope should include everything from the first physical checkpoint at the entry gate to the most critical buildings of the company.
- Each third-party agent has to register his cell phone at the first security checkpoint before he enters the company premises
- Third party agents would not be allowed to carry their cell phones inside critically sensitive areas of company premises
- Third party agents would not be allowed to record or perform videography or photography inside the company premises
General guidelines for cell phone usage
- The company expects that employees would keep their cell phones in Silent Mode or at the minimum Vibrate Mode during meetings or important conferences and seminars inside the company premises.
- Employees should show discretion while discussing highly sensitive matters over a cell phone since it is prone to corruption and hacking by hostile third parties.
- Employees should ensure that they avoid the use of cell phones while motor driving or working on important data or some delicate piece of equipment inside the company premises.
Provisions for policy breach
It is good practice that the company or organisation is prepared with a specific set of processes and actions in case a breach in the guidelines as mentioned above is detected. In most cases, a provision involves appropriate disciplinary action against the perpetrator. Following guidelines ensure that the organisation has the necessary ways to act against policy breaches.
- Usage of the cell phone for illegal, dangerous or risky activities may result in the employee getting terminated from the organisation.
- Improper and continued use of cell phones during office hours may result in disciplinary action towards the employee.
- Improper use of company-provided cell phone may result in the employee rights and privileges being revoked.
- The employer reserves the right to monitor employees for improper and excessive use of cell phones in the workplace during the work hours.
- Employees are subject to strict disciplinary action if the employee cell phone activity results in a security breach or loss of confidential information.
Permissible Cell Phone Activities
It is a good practice to provide the employees with a list of guidelines that are safe to practice on company premises.
- Employees are allowed to use productive apps in the workplace if it helps in increasing operational efficiency and internal management
- Employees are encouraged to check personal phones and messages during the break or lunch hours
- Employees are encouraged to use own cell phones in the in the cafeteria
Once the cell phone policy is documented and approved, it is necessary to ensure that employees are aware of it. For new employees, the organisation should include this policy as a part of their induction programme. For other employees, the company should remind those regarding necessary updates and critical points at regular intervals.
That’s it. You now have the necessary template to plan, initiate and execute the cell phone policy for your organisation. Keep in mind that this checklist aims to provide you with a basic toolkit and a sense of direction as you draft your template. It is eventually an iterative process, and the organisation can design and tailor it to serve their specific purposes based on the industry.
If this is the first cell phone policy template for the organisation, it should serve as a baseline for all future updates to the model. The best way to improvise is to keep on comparing with the past template and implement new changes as you encounter success and failure. The habit of updating the model and regular checks help in creating the right atmosphere ensures that your organisation remains in the best possible condition to protect against any unwanted threats and risks.