Area(s): ☐ Process ☐ Procurement ☒ Security ☒ Hardware ☐ Web
☐ Facility ☒ End-User ☒ Software ☐ Network ☐ Data
☒ Voice ☐ Audit ☐ Other
Replaces Other Policy: ☐ No ☒ Yes: Maryland Mobile Device Security Policy, DoIT, June 2017
Purpose: Provide procedures for State agencies to use in managing mobile IT devices issued by the agency or
provided by the employee, including technical settings, security controls, inventory, and financial elements.
Policy Statement: Utilization of mobile computing and communication devices by State agencies continues to
increase, be incorporated into core mission processes, and be connected to State information technology (IT) systems.
These devices include those provided to employees by DoIT, other State agencies, and BYOD units that the employees
own and want to operate with State IT systems in a manner that may or may not qualify for State BYOD reimbursement
programs. To provide the proper level of operational, security, asset management, and financial controls, DoIT has
established a Mobile Device Management (MDM) Program that State agencies and employees must comply with to be
approved to use mobile devices with State IT systems, be issued devices, or receive BYOD cost reimbursements.
Applicable Law & Other Policy: Annotated Code of Maryland, State Personnel and Pensions Article, Section 2-
308, Code of Maryland Regulations, Title 17, Subtitle 04, Chapter 11, Section .02 B(1)(a). DBM, Maryland State Telework
Policy (2019); Annotated Code of Maryland, State Personnel and Pensions Article, Section 2-308, Code of Maryland
Regulations, Title 17, Subtitle 04, Chapter 11, Section .02 B(1)(a).
Scope and Responsibilities: All executive branch units of State government, except those identified in Maryland
Code, SF&P § 3A-302. Agency executives, managers and staff shall ensure compliance with this policy, procedures, and
standards when ordering, using, or returning mobile devices.
Key Terms:
Bring-Your-Own-Device (BYOD): A mobile device that is personally owned and is properly authorized to connect to State
IT systems (voice, data, video).
Department of Information Technology (DoIT): An executive branch unit of Maryland state government, organized
according to Maryland Code, State Finance and Procurement Article, § 3A.
Mobile Device: a portable and/or wearable hardware device that enables communication and/or computing
capabilities, such as cell phones, tablet computers, smart watches, virtual reality goggles, and headsets.
Policy: A statement of jurisdiction and methods to guide agencies in the management of IT resources and services.
Specifications: See Attachment 1.
Policy Review: By the DoIT IT Policy Review Board annually or as needed.
Contact Information: Chair, IT Policy Review Board, doit-oea@maryland.gov 410-697-9724. The Policy #20-12
steward is the DoIT Director, End User Services.