1.0 Purpose

The purpose of this policy is to ensure the security of information residing on workstations and mobile devices, as well as information that users can access through them. This policy defines procedures and restrictions for all end-users with legitimate business use connecting mobile devices to Roboto Studio’s digital resources and data.

2.0 Scope

All Roboto Studio employees, contractors, and vendors with Roboto Studio-owned or personal workstations and mobile devices connected to the Roboto Studio information systems are covered under this policy.

3.0 Policy

3.1 Operational Safeguards

The following operational safeguards shall be implemented:

• Devices shall be updated regularly with the latest vendor software updates and Roboto Studio supported OS.
• Enable disk encryption for all devices accessing Roboto Studio’s resources.
• Devices shall be configured with a secure password that complies with Roboto Studio’s policy.
• Only devices managed by IT or authorized by IT shall be allowed to connect directly to Roboto Studio’s resources.
• Install and enable security features such as firewalls, anti-virus, and anti-malware software.
• Devices shall access the corporate data through the internet using a Transport Layer Security (TLS) connection.

3.2 User Requirements

• Users shall only load corporate data essential to their role onto their workstations or mobile device(s).
• Users shall report all lost or stolen devices to Roboto Studio immediately.
• Devices shall not be “jailbroken” or “rooted.”
• Applications shall only be installed from official platform-approved sources (device stores). Installation of applications from untrusted sources is forbidden.
• Devices shall be encrypted in line with Roboto Studio’s compliance standards.

3.3 Physical Safeguards

Physical access to workstations and mobile devices shall be restricted to authorized personnel. Employees shall prevent unauthorized viewing of information on a screen by:

• Securing devices (screen lock or logout) before leaving the area to prevent unauthorized access.
• Enabling a password-protected screen saver with a short timeout period.

3.4 Mobile Device Management Remote Wipe

By connecting to Roboto Studio technology resources, mobile devices gain the capability of being wiped remotely by Roboto Studio. A remote wipe will only be initiated if Roboto Studio deems it appropriate.

3.5 Management and Administration

Roboto Studio shall ensure that workstations and mobile devices have all critical security updates patched and installed promptly.