• Cellular service will only be provided by approved GVSU vendors.
• Executive Officers are responsible for approving cellular device services before one is provided to an employee. Requestor should present written plan and recommendation, demonstrating the need to provide a cell phone to the appropriate executive officer and send via email, both the request and the approval, to  IT Services  at [email protected].
• Upon approval, IT will arrange the purchase  and set up department billing for device and service. Monthly plan reimbursement by travel and expense requisition will not be permitted. Adding family devices/services will not be permitted.
• The primary purpose of the device is for university business, however, personal calls are permitted.
• It is the responsibility of the employee to keep the phone and applications up to date with the most recent releases.
• If a device reaches end of life, employee must upgrade to a supported model for security purposes.
• Right of privacy laws do not apply as the device is the property of the university.
• Detailed reporting  will be provided to an Executive Officer upon request by Information Technology.
• Information Technology tracks usage, plans and expenditures and works with the service providers to structure GVSU’s cellular plans in the most efficient and cost effective way.

• This policy applies to cellular devices paid for by GVSU.

GVSU Security Framework References

• Cellular devices are not currently in scope for GVSU security framework
• NIST Security Framework: ID.AM-1; PR.AC-1; PR.DS-3
• Critical Security Controls (CSC): CSC 1.4; CSC 7.4; CSC 8.1; CSC 13.1