Policy: Traveling With a Work-Device [Needs Input]
What is our policy about traveling with a work device?
When traveling outside one of <Company> corporate offices with work devices, employees must request manager approval and IT Security clearance at least one week before travel (dates of travel must also be approved). Note that <Company> may restrict or prohibit devices from being brought into some countries.
IMPORTANT: "MAY" indicates what is permitted, "MAY NOT" indicates what is not permitted.
What is our security policy when traveling to high-risk countries?
Device restrictions
To minimize data and cybersecurity risks:
- Employees MAY NOT take laptops to the following countries due to high cyber-security risks:
- Russia
- China (including Hong Kong)
- Employees MAY NOT take -issued devices, such as laptops, WiFi device, anything really, to US-embargoed countries, such as:
- Cuba
- Iran
- North Korea
- Syria
- Sudan
- Employees MAY NOT transit devices through the aforementioned countries (employees must route travel accordingly).
Device allowances
Employees MAY take and use work devices where already has offices:
- <U.S.>
- <Country name>
- <Country name>
Customer data restrictions
Employees MAY NOT access customer data outside of the countries where currently has offices. Customer data is user-generated content (UGC) such as messages, uploaded files, file names, channel names, team names, profile data, posts, search queries, etc; that is, any data the user inputs while using .
What is our security policy for traveling to low or non-risk countries?
Employees who have not yet received security approval to travel to a low or non-risk county, should provide the following information to <Company's> IT Security team. This should be done as soon as travel is expected, but at least one week before travel:
- Travel dates
- Business reason for travel
- Countries to be visited
- Employee's business function
Updated about 1 year ago