Measure: MobileDeviceUsageRules


Setting up of clear rules for the use of mobile devices. Thus the staff knows how to use mobile devices outside the utility in a secure way. The aim is to ensure data and cyber security also outside of the utility area.


Examples for rules could be the mandatory use of privacy films for monitors or automatic screen locks after a certain time of inactivity. Losses of IT equipment should be reported as soon as possible to the utility. Portable devices should be encrypted. Connections to the utility's network should only be allowed via Virtual Private Network (VPN) connections. A list of mobile devices should exist in the company.

Event source types

Event type

Risk reduction mechanism

Threat Types

Action characteristics

Event Consequences