1. Purpose

The purpose of this policy is to protect the organization’s information, systems, and infrastructure from cyber threats, unauthorized access, and data breaches, ensuring the confidentiality, integrity, and availability of organizational assets. This policy includes specific guidelines for using Apple Wallet and Google Wallet for access control.

2. Scope

This policy applies to all tenants, contractors, vendors, and other stakeholders who access the organization’s facilities, systems, or handle organizational data using Apple Wallet or Google Wallet for access control. This policy specifically applies to access control at 101 Collins St.

3. Acceptable Use

Tenants must use Apple Wallet or Google Wallet credentials solely for organizational purposes and not share access credentials with unauthorized individuals.

Apple Wallet and Google Wallet credentials must only be installed on devices registered with the organization’s mobile device management (MDM) system.

Users must not attempt to bypass or tamper with access control mechanisms.

4. Access Control

Access to facilities or systems via Apple Wallet or Google Wallet is granted based on job roles and responsibilities.

Apple Wallet and Google Wallet access credentials are personalized and must not be transferred to other individuals.

Lost or stolen devices with access credentials stored in Apple Wallet or Google Wallet must be reported immediately to 101 Security.

5. Device Security

Devices with Apple Wallet or Google Wallet credentials must have strong passcodes or biometric authentication enabled.

Organizational devices used for access control must be updated with the latest operating system updates and security patches.

Personal devices used for Apple Wallet or Google Wallet access control must comply with the organization’s Bring Your Own Device (BYOD) policy.

6. Data Protection

Access control data and logs must be stored securely and accessed only by authorized personnel.

Any sensitive data transmitted through Apple Wallet or Google Wallet for access control must be encrypted.

Apple Wallet and Google Wallet credentials will be deactivated immediately upon a tenant’s departure or role change.

7. Incident Reporting

All security incidents involving Apple Wallet or Google Wallet credentials, including unauthorized access, suspected credential compromise, or device loss, must be reported immediately to 101 Security.

Users must cooperate fully with investigations related to Apple Wallet or Google Wallet security incidents.

8. Training and Awareness

Tenants must complete training on the proper use and security of Apple Wallet and Google Wallet credentials annually.

The organization will provide periodic updates about best practices for securing mobile devices and Wallet credentials.

9. Policy Violations

Misuse of Apple Wallet or Google Wallet credentials or failure to adhere to this policy may result in the revocation or loss of use of credentials.

Severe violations, such as intentional misuse or credential sharing, may result in legal consequences.

10. Review and Updates

This policy will be reviewed annually and updated as needed to address changes in technology and organizational requirements.

11. Responsibilities

101 Security: Maintain and enforce Apple Wallet and Google Wallet access control protocols, monitor for security incidents, and deactivate compromised credentials.

Tenants: Adhere to this policy, maintain the security of their devices, and report any issues immediately.

Management: Support the implementation of Apple Wallet and Google Wallet access control measures and ensure compliance.