Mobile phones are a key resource for California Polytechnic State University faculty and staff due to the nature of mobility in the workplace, and to enable communication where conventional telephones or network access is not accessible. Justification for service should have a clear connection to the user’s job travel, field and mobile campus staff, or emergency response team members. Mobile phones may not be issued to student workers, contractors, or to others without a compelling use for this technology.

The university will not reimburse individuals for costs associated with non-university owned or provided mobile phones used for Cal Poly business. This includes, but is not limited to, monthly service and feature charges, usage charges, taxes, fees, and surcharges.

The individual to whom the university-provided mobile phone is assigned is responsible for taking appropriate steps to secure the device, notifying their department’s Telephone Coordinator & ITS Service Desk, and filing a Cal Poly University Police Department report if the phone is stolen or misplaced. The department is responsible for covering replacement costs.

By submitting a mobile phone request to ITS, the user is acknowledging they have read and agree to the following.

Cal Poly Mobile Device Use Agreement

This Mobile Device Use Agreement (“Agreement”) outlines the terms and conditions for the appropriate use of mobile devices that access Cal Poly services, systems, or data. By signing this Agreement, the user acknowledges and agrees to comply with the policies set forth below.

1. Purpose of Mobile Device Use

I agree to utilize the mobile device primarily for communication purposes such as voice calls, email, messaging, calendaring, and other related functions that support university operations. I agree to review the Mobile Phone Service Guidelines at:

Mobile Phone Guidelines

State-owned mobile phones are not intended for use as Level 1 or Level 2 data storage. ITS is not responsible for improper use of state-owned devices. These data classifications are defined in the California State University (CSU) Data Classification Standard, available at:

https://calstate.policystat.com/policy/18314228/latest#autoid-evwww

2. Restrictions on Mobile OS Registration

I agree not to use my Cal Poly-issued email address as a personal account identifier when registering with mobile operating system providers such as Apple, Samsung, or Google.

I agree to use my Cal Poly email address solely to create or register business accounts with these providers when required for university business purposes.

3. Data Storage and Cloud Backups

I agree not to store Level 1 or Level 2 data in any cloud service not provided by or officially endorsed by Cal Poly, including but not limited to:

Personal cloud storage accounts (e.g., Google Drive, iCloud, Dropbox)

Cloud backups automatically created by the mobile operating system

If cloud storage or backup is necessary, only university-supported services explicitly approved for such purposes may be used.

4. Processing of Sensitive Data

Any processing, transmission, or handling of Level 1 or Level 2 data must be conducted exclusively through Information Technology Services (ITS)-supported applications and platforms that meet university security standards and compliance requirements.

Acknowledgment and Agreement

By submitting a mobile phone request, I acknowledge that I have read, understand, and agree to abide by the conditions set forth in this Mobile Device Use Agreement. I understand that non-compliance may result in revocation of access, disciplinary action, or other appropriate measures consistent with Cal Poly policies and procedures.

The ITS Service Desk initiates all mobile phone transactions using the established government contract with Verizon Wireless. Price and equipment availability are determined by the carrier and subject to change without notice. Contracted plans may require multi-year commitments. Early termination fees, if applicable, will be charged to the department.

Responsible use

University-provided mobile phones may only be used by the authorized recipient. Authorized recipients must return their phones when leaving the University or when a change in responsibilities removes them from eligibility. All data must be completely removed from the phone before it can be reassigned or when the authorized recipient leaves the University.

All costs associated with the mobile phone will be borne by the department that requests the device and supporting services. These costs include, but are not limited to purchase, equipment replacement, service activation, monthly service and feature charges, usage, equipment and accessories charges, insurance, taxes, early termination fees (as applicable), and surcharges.

Mobile phones will be administered through the University’s mobile device management program. The authorized recipients may not tamper with or circumvent these administrative settings.

All university data should be backed up to your Cal Poly OneDrive account. Instructions for saving files to OneDrive on an iOS device can be found on Microsoft’s Support page. Transferring personal data from an old phone to a new phone is not recommended or supported.

Security

Hot spots

To ensure compliance with Cal Poly Information Security device standards, use of any "hotspot" services require that the university-owned smartphone be physically tethered to the mobile device (e.g. laptop). It is the responsibility of the user to consult with ITS prior to implementing tethered "hotspot" services for university-related business, to ensure a secure and appropriate configuration to protect university data and resources. Any exception to this tethering solution will be reviewed on a case-by-case basis accompanied by a business reason provided by the department. ITS Management will consider and provide approval if/as appropriate. The ITS Service Desk does NOT provide support for alternative solutions.

Also, see:

Faculty and staff may not transfer existing personal mobile services (non-Cal Poly ) to our Cal Poly Verizon Wireless government account. Service requests require a new contract with the vendor and so a new wireless number is generated.

State employees may transition their assigned Cal Poly mobile number to their personal mobile phone via the Transfer Mobile Service from a State to Personal Phone process.

The Telephone Coordinator should submit a Campus Phone Services request via the Support Center.
The ITS Service Desk will notify the telephone coordinator and employee via email when the mobile phone number is available for assumption of liability.
Then the employee will call Verizon Wireless at 800-922-0204 to finalize their new account.

Mobile phones purchased on the Cal Poly government account with State funds are university property. If mobile phone service is canceled, or an employee is transferred to another university department or leaves university, the mobile phone must be returned to the department that purchased the device. Or the department where the employee transfers may request to change the billing chartfield so the mobile service is billed to the new responsible department instead.

If an employee is leaving Cal Poly but assuming liability for their mobile phone number via Transfer Mobile Service from a State to Personal Phone , a new phone must be purchased, and the old phone returned to the department via the telephone coordinator. The department may keep the device to re-purpose to another department employee, retain it as a "back-up" phone, or surplus the property. (Old mobile phones are surplused via the Facilities Help Desk at 6-5555, so please call for the drop off location in Building 70.) All sensitive data must be removed from the device by the user or tech support team before it is reused.

University mobile numbers that are canceled with Verizon Wireless are no longer the property of Cal Poly and are returned to the carrier's pool of numbers. Therefore, mobile numbers are not available for reactivation per Verizon’s policy.

The Cal Poly account is a government account, therefore, our mobile providers cannot provide call blocking services to stop unwanted or solicitation calls. But calls may be individually blocked through the recent calls menu on the mobile phone. And text messages can be blocked by texting STOP to each unsolicited message.

As an alternative for unwanted calls, users can add their mobile number to the National DO NOT CALL Registry. The process includes registration of your mobile number using your Cal Poly email address, and responding to an email verification of the request. Most telephone marketers should not call your number once it has been on the registry for 31 days. If they do, you may file a complaint on this same website. You can also register your home or personal mobile phone for free and your registration will not expire. Phone numbers placed on the National Do Not Call Registry will remain on it permanently due to the Do-Not-Call Improvement Act of 2007.

With department approval, international rate plans can be added to mobile devices (global capable feature phones and smartphones) BEFORE leaving the United States. Employees traveling internationally who need mobile connectivity for their job duties have these options:

Global rental: For travel less than 21 days (about 3 weeks) , the telephone coordinator should contact Verizon's Global Travel Program at 800-711-8300 to arrange for a rental phone to be obtained and paid for with their department credit card. Process requires 5 days for Verizon to complete the transaction and the user to receive the device. Transaction does not require a Mobile Phone Request as it is handled by the department.
Temporary use global mobile phone purchase: User can purchase an international phone upon arrival in the country, available at the airport. Costs for the mobile phone and all calls may be included in the Travel Expense Claim when the employee returns. Transaction does not require a Mobile Phone Request as it is handled by the department.
Rate plan change: If travel is outside the United States (including Mexico and Canada) with a Cal Poly Mobile Phone, the Telephone Coordinator should submit a New Mobile Phone or Service Change via the Support Center so the rate plan can be changed. Government Nationwide International Voice, Email & Data plans with unlimited data, per minute voice allowances and messages per month are available for a full Verizon Wireless bill cycle plus any additional days, if needed. Plan dates must include one day before departure and one day after return to the United States. Requires 5-day lead time for the ITS Service Desk to process.

Faculty, staff or students with personal mobile devices should contact their phone service providers directly.

Director or Department Head and Department Telephone Coordinator

Initiate mobile phone service requests.
Ensure mobile phones are properly tagged by Property Accounting.
Inform staff members regarding campus guidelines for mobile phone use.
Review mobile bills each month and validate the legitimacy of calls made to and from the mobile phone.
Review the mobile bill each month with the mobile phone user to identify personal calls, and what, if any, amount is owed to the university.
In conjunction with the ITS Service Desk, periodically review mobile bills to determine if there is a more cost-effective mobile service plan based on individual usage.
Coordinate the repair of mobile phone equipment with the ITS Service Desk.
Coordinate replacement of lost or stolen mobile phone or equipment with the ITS Service Desk.

Mobile Phone User

Ensure that the mobile phone is used in a fiscally responsible manner.
Ensure that the mobile phone is properly secured.
Contact the Telephone Coordinator and the ITS Service Desk as soon as possible when a mobile phone is stolen or lost. Cal Poly University Police Department must also be notified so a police report regarding the incident is filed in a timely manner.
Review mobile bill and complete the reimbursement for personal calls monthly. Submit a personal check to cover the cost of personal calls to the University Cashiers Office for deposit to the department’s account number.
Transferring personal data, such as pictures or contacts, is out of our service scope and must be completed by the employee. Apple Support is available to assist at 800-275-2273.
Upload university data from a mobile device to a Cal Poly OneDrive account. Instructions for saving files to OneDrive on an iOS device can be found on Microsoft’s Support page.

ITS Service Desk

Serve as campus contact for all department funded mobile phone transactions.
From time to time, review mobile usage to recommend cost effective mobile plans. This information will be forwarded to the department Telephone Coordinator for consideration.

Protecting your university-owned or personal mobile device from malicious programs or people seeking to exploit university data or personal information is critical. This guide provides essential tips for safeguarding your smartphone from potential security risks. Please reach out to the IT Service Desk through a Campus Phone Services Request for any questions or clarifications regarding these recommendations. Pay attention to any security related announcements from ITS.

Use Strong Device Locks

Enable a strong passcode, or biometric authentication (fingerprint or facial recognition).
Enable automatic lock for the device’s screen.

Install Security Updates & Update Apps Regularly

Enable automatic updates for iOS/Android and all applications.
Check for updates frequently and install official security updates immediately.

Enable Advanced Security Features

Enable Find My Device or equivalent to track, lock, or remotely wipe your device.
Encrypt your device to prevent unauthorized access.
Enable DUO multi-factor authentication for important accounts on the device.
Install anti-virus software.

Use Secure Communications

Do not open unknown links or files.
Use encrypted messaging services.

Avoid Installing Unrecognized Apps or Apps From Unknown Authors

Only download applications from official repositories like the App Store or Google Play Store.
Review app permissions in security settings to ensure they only have access to necessary information.
Remove any unused apps.

Use Secure Network Connections

Avoid public WiFi networks for sensitive transactions.
Use the Cal Poly VPN when connecting to university applications or services while off-campus.
Disable automatic WiFi and Bluetooth connections and turn them off when not in use.

Back Up and Protect Information

Do not store sensitive personal information on mobile devices, even if the contents are encrypted (e.g., credit card numbers, SSNs, passwords, etc.).
Back up university-related data to Cal Poly OneDrive and enable multi-factor authentication.
Use a password manager like LastPass to generate and store passwords.

Do Not “Root” or “Jailbreak” Your Device

Rooting or jail-breaking your device could disable built in security features of your phone, like the firewall, could install malware on your computer and can make it difficult to regularly pull down security updates.

Do Not Leave Your Phone/Tablet Unattended

Treat these devices as you would treat cash.
Consider using a privacy screen protector.
Do not let anyone use your device other than IT Service Desk staff.
Notify the IT Service Desk and the Telephone Coordinator immediately if your device is lost or stolen.

Other Resources

Traveling Overseas with Mobile Phones, Laptops, PDAs, and Other Electronic Devices - The National Counterintelligence and Security Center
Securing Mobile Devices When Traveling - Indiana University
The Traveler's Guide to Cybersecurity - Syracuse University
Recommendations for Travelers to High Risk Countries - Stanford University
Safety and Security for the Business Professional Traveling Abroad - Federal Bureau of Investigation