Management and Use of Mobile Devices in Banking Activities

According to Article 11 of Circular 09/2020/TT-NHNN (Effective from January 01, 2021), the management and use of mobile devices are regulated as follows:

- Mobile devices connecting to the organization's internal network must be registered for control.

- Limit the scope of connection from mobile devices to the organization's services and information systems; control connections from mobile devices to the information systems allowed for use in the organization.

- Specify the responsibilities of individuals in the organization when using mobile devices for work purposes.

- Mobile devices used for work must implement the following minimum technical measures:

+ Set up the function to disable, lock the device, or delete data remotely in case of loss or theft;

+ Back up data on mobile devices to protect and restore data when necessary;

+ Implement measures to protect data during warranty, maintenance, and repair of mobile devices.

- For mobile devices that are organizational assets, in addition to applying the provisions of Clause 4 of this Article, the organization must implement the following minimum technical measures:

+ Control the software installed; update software versions and patches on mobile devices;

+ Use features to protect personal information, internal information, and confidential information (if any); set up secret lock codes; install software to prevent malware and other security defects.

The above is the content regarding the management and use of mobile devices in banking activities according to the latest regulations.

Sincerely!