Language selection

Government of Canada / Gouvernement du Canada

Search

DAOD 6002-3, Management of Mobile Wireless Devices

Table of Contents

  1. Introduction
  2. Definitions
  3. Overview
  4. Operating Principles
  5. Compliance and Consequences
  6. Responsibilities
  7. References

1. Introduction

Date of Issue: 2012-04-18

Date of Last Modification: 2022-10-14

Application: This DAOD is a directive that applies to employees of the Department of National Defence (DND employees) and an order that applies to officers and non-commissioned members of the Canadian Armed Forces (CAF members).

Approval Authority: Assistant Deputy Minister (Information Management) / Chief Information Officer (ADM(IM))/(CIO)

Enquiries:

2. Definitions

mobile wireless device (dispositif mobile sans fil)

A cellular telephone, smart phone, pager, personal digital assistant, cellular modem or any other mobile device with an integrated capability for utilizing wireless telecommunication services. (Defence Terminology Bank record number 47433)

transitory information (information éphémère)

Information that is required only for a limited time to complete an action or develop other information. (Defence Terminology Bank record number 696515)

3. Overview

Interpretation

3.1. In this DAOD, “MWD users” refers to:

  1. DND employees and CAF members who have been issued an MWD; and
  2. contractors and other persons who have been issued an MWD by or on behalf of the Deputy Minister of National Defence or the Chief of the Defence Staff.

3.2. In this DAOD, unless the context otherwise requires, any reference to an “MWD” relates only to an MWD issued by the Government of Canada (GC), the DND or the CAF to an MWD user.

Context

3.3. MWDs are an important tool for communication within the DND and the CAF. As such, the DND and the CAF are responsible for ensuring that GC, DND and CAF MWDs issued to MWD users are properly managed in order to ensure their use is secure and effective, and that the resources necessary to support them are used efficiently.

3.4. DND and CAF MWDs are attractive targets for foreign military and intelligence services, and for terrorist organizations, and must be managed accordingly.

3.5. This DAOD should be read in conjunction with:

  1. the DND and CAF IM and IT Policy Framework;
  2. DAOD 6002-1, Management of Information Technology; and
  3. other relevant IT policies, directives, instructions, standards and guidelines.

Application of DAOD 6002-2, Acceptable Use of the Internet, Defence Intranet, Computers and Other Information Technology Systems

3.6. As an MWD is included in the definition "information technology system" (IT system) in DAOD 6002-2, MWD users are also required to comply with applicable provisions in that DAOD when using an MWD.

MWD Support Services

3.7. MWD support services are provided by the following organizations:

  1. Shared Services Canada (SSC) and IT service management centres (SMC) for MWD users located in Canada and the United States of America (USA);
  2. DGIMO for OUTCAN MWD users who are not on deployed operations or OUTCAN Europe;
  3. IT SMC Europe for OUTCAN Europe MWD users; and
  4. Canadian Joint Operations Command (CJOC) for MWD users on deployed operations.

Business Value Authorizers (BVAs)

3.8. BVAs are DND employees or CAF members who have been appointed by their level one advisor (L1) or commander (Comd) of a command or formation to authorize the issuance of a new or replacement MWD for their unit or other organization.

MWD Custodians

3.9. MWD custodians are DND employees and CAF members who have been appointed by their L1 or Comd of a command or formation to manage MWDs on behalf of their unit or other organization.

Objective

3.10. The objective of this DAOD is to provide direction on the use and management of MWDs within the DND and the CAF.

Note – This DAOD does not apply to the use of satellite telephones and their related services.

4. Operating Principles

Issuance

4.1. A new MWD may only be issued to a DND employee or CAF member when the issue is:

  1. recommended by their manager or military supervisor; and
  2. authorized by their BVA as required.

4.2. DND employees and CAF members who authorize the issuance of MWDs to contractors and persons other than DND employees and CAF members must ensure their compliance with this DAOD and DAOD 6002-2 by including appropriate terms in their contracts or by otherwise obtaining their consent to comply.

4.3. The MWD custodian of a unit or other organization may only reissue an MWD to a DND employee or CAF member when the reissue is approved by their manager or military supervisor.

4.4. In accordance with GC, DND and CAF policies, directives and instructions, and local standard operating procedures, a DND employee or CAF member may only acquire an MWD and related services through their DND or CAF mobile service organization or IT SMC.

4.5. An MWD must be managed and supported through a:

  1. DND or CAF IT SMC; or
  2. MWD custodian of a unit or other organization.

4.6. L1s and Comds of a command or formation must establish procedures within their organizations for:

  1. ensuring the appropriate management and use of MWDs, including any cost-recovery action initiated by the Treasury Board;
  2. setting the level of management or supervision for authorizing the use and procurement of MWDs;
  3. planning and allocating sufficient funds for MWD costs incurred by their organizations; and
  4. ensuring that any use of MWDs that might incur additional costs is pre-approved in writing.

4.7. MWD users must read and accept the applicable MWD end-user agreement before an MWD is issued to them. The client acceptance page in the Enterprise Information Technology Service Management (EITSM) self-service portal is used to meet this requirement.

4.8. An on-call or duty-related MWD may be shared. However, the approving authority for this capability must ensure that the MWD is used in accordance with this DAOD and DAOD 6002-2, and that all authorized MWD users sign and accept the applicable MWD end-user agreement that is used by the local unit, other organization or IT SMC, e.g. form DND 4260-E, User Agreement on the Acceptable Use of Mobile Wireless Devices in the DND and the CAF.

4.9. Form DND 4260 is used to inform MWD users of the conditions of use of an MWD and their due diligence responsibilities, and to obtain their consent to comply with the conditions of use and their responsibilities in respect of MWDs. See form DND 4260 for additional information on the conditions of use and due diligence responsibilities.

Official, Authorized, Unauthorized and Prohibited Uses

4.10. MWDs are considered to be IT systems and are therefore subject to DAOD 6002-2, which sets out direction for DND employees and CAF members on the official, authorized, unauthorized and prohibited uses of IT systems. See DAOD 6002-2 for additional information on official, authorized, unauthorized and prohibited uses.

MWD Specific Prohibitions

4.11. It is prohibited for any MWD user to:

  1. connect an MWD to any DND or CAF IT system using a universal serial bus (USB) as the MWD may have the capability to interconnect with an internal or external network and this could compromise the integrity of a DND or CAF IT system;
  2. connect an MWD to any personal device, e.g. a personal computer or personal laptop;
  3. pair an MWD with a smart watch;
  4. tether an MWD by a USB as a tethered MWD may have the capability to interconnect with an internal or external network and this could compromise the integrity of a DND or CAF IT system;
  5. use a non-GC, DND or CAF issued or procured subscriber identity module (SIM) card, including a primary, secondary, dual or embedded SIM card, in an MWD; or
  6. connect a personal MWD or an MWD of another government department to a DND or CAF IT system or network infrastructure.

Permitted MWD Accessories, Pairing, Hotspots and Microsoft Authenticator App

4.12. Only the following accessories may be used with an MWD:

  1. a charging adapter; and
  2. headphones.

4.13. Pairing an MWD with a Bluetooth device, other than a smart watch, is permitted.

4.14. The use of MWD hotspot capabilities is permitted. However, using the hotspot method may use large amounts of data and incur additional cost for the DND and the CAF. See paragraphs 4.6 and 4.16 to 4.20 for additional information on MWD additional costs.

4.15. The Microsoft Authenticator App or alternate authentication method can be installed on any MWD provided that it is registered and configured using the applicable D365 email address.

International Travel

4.16. MWD users on international travel are responsible for ensuring that they do not incur any additional costs to the DND or the CAF unless approved by a DND director, Comd of a command or formation, or commanding officer (CO).

4.17. A separate written approval by a DND director, Comd of a command or formation, or CO is required prior to international travel when an MWD may be used.

4.18. During international travel, an MWD user may use an MWD for official use only.

4.19. All data usage outside the country where the MWD was issued, including social media, email, web browsing, smartphone apps and other similar capabilities, incur additional charges. Voice calls and text messaging while travelling outside the country where the MWD was issued also incur higher charges. MWD users will receive an alert on their MWD if they enter an area where roaming charges apply, and they will receive notification messages when certain data usage thresholds are reached, depending on the country in which they are roaming.

4.20. MWD users can assist in managing MWD costs while on international travel by:

  1. turning off data roaming whenever possible;
  2. using Wi-Fi services;
  3. only opening email attachments that are essential to business;
  4. minimizing texting; and
  5. keeping conversations brief.

4.21. For travel to high-risk countries, MWD users should contact the Travel and Contact Security Program for recommendations. High-risk countries are defined by the GC Travel Advice and Advisories for Destinations at the time of lookup.

Deployed Operations and OUTCAN

4.22. MWDs provided by SSC and IT SMCs are not permitted on any deployed operation without the written authorization of the operational Comd.

4.23. MWDs for deployed operations and OUTCAN are provided by the applicable CAF mobile service provider as follows:

  1. deployed operations – MWD requests for deployed users are coordinated by CJOC J6;
  2. OUTCAN Europe – MWD requests for OUTCAN Europe users are managed by IT SMC Europe; and
  3. other OUTCAN postings – MWD requests for OUTCAN users that are not part of deployed operations or OUTCAN Europe are managed by DGIMO J3.

Use of Additional Capabilities

4.24. Capability modifications to an MWD must be assessed and approved through the DND and CAF IT change management process.

Classified or Protected Information

4.25. MWD users must be aware of and restrict voice and data communications to the approved sensitivity level of the MWD, i.e. Confidential, Secret, Top Secret, or Protected A, B or C. See Section 5 of the National Defence Security Orders and Directives (NDSOD) for additional information on physical security.

Unclassified Information

4.26. MWD users must be aware that information on an MWD that is not sensitive is categorized as unclassified information and can be identified with a caveat, e.g. for official use only or limited distribution. Caveats can restrict access to the information and the information must not be distributed beyond or discussed with anyone other than the intended audience or addressees. See Section 6 of the NDSOD for additional information on the security of information.

Expectation of Privacy

4.27. MWD users have a limited expectation of privacy when using an MWD as it is subject to monitoring for purposes of system administration, maintenance and security to ensure compliance with applicable GC, DND and CAF policies, directives, instructions and standards.

4.28. MWD users must sign out of their Google account or Apple ID before they return their device to enable its reuse or disposal. MWD users must also ensure that they remove all DND, CAF and personal information from their MWD by completing a factory data reset for an Android phone or resetting all content and settings for an iPhone. MWD users must transfer all information assets to a corporate repository, e.g. RDIMS or GCdocs, before resetting their MWD. See paragraphs 4.38 and 4.39 for additional information on information management (IM) practices.

Review of MWD Records

4.29. To ensure the cost-effective and authorized use of an MWD, an MWD approving authority may periodically, or as directed by their L1, DND or CAF organization, or IT SMC, examine detailed records of MWD usage.

Cost Recovery for Personal Use

4.30. MWD users must identify any personal use of an MWD and refund the cost to the Receiver General for Canada. The applicable L1 or Comd of a command or formation must establish procedures in their organizations for the implementation of cost recovery for personal use. See paragraph 4.5 of this DAOD and DAOD 6002-2 for additional information.

IT Asset Management

4.31. The requirement for an MWD may be assigned to:

  1. a DND employee or CAF member who may retain their MWD when they move within the DND or the CAF in Canada; or
  2. a position within a unit or other organization, which may be reassigned to another position within that same unit or other organization as required.

4.32. MWD users who are returning their assigned MWDs, for example, when retiring or leaving the DND or on release from the CAF, or on a posting outside Canada, must:

  1. submit the return mobile device service request by the EITSM self-service portal for Canada and USA mwd users, or by the applicable CAF mobility service; and
  2. return any assigned MWDs to their MWD custodian, manager, military supervisor, CO or Comd of a command or formation.                   

4.33. MWD users who are moving within the DND or the CAF in Canada must submit a service request to ensure that the MWD vendor portal and configuration management database are updated.

4.34. MWD users must ensure that the firmware and software of their MWD are updated as directed by their IT SMC.

4.35. MWD users must return any non-functional MWD, whether due to irreparable malfunction, uneconomical repair or obsolescence, to an MWD custodian, manager or military supervisor of their unit or other organization.

Note – If possible, prior to the return of an MWD, MWD users must sign out of their Google account or Apple ID and reset all settings and content. See paragraph 4.28 for additional information.

4.36. MWD users must:

  1. secure their MWD to prevent loss, theft or damage;
  2. contact the applicable IT SMC immediately if their MWD is suspected to be compromised, lost or stolen;
  3. return their MWD if it is no longer required, or when retiring or leaving the DND or on release from the CAF; and
  4. submit a service request using the EITSM self-service portal when returning their MWD.

Disposal

4.37. MWDs must be sanitized and disposed of in accordance with the IT security guidance on IT Media Sanitization (ITSP.40.006).

Information Management

4.38. In accordance with DAOD 6001-1, Information Management Programme, DND employees and CAF members must document business activities, decisions and decision-making processes, regardless of form or format, and store them in an approved records management system. These requirements apply to phone calls and messages sent between MWDs, such as instant messaging or short message service (SMS) texts, even if they are not sent on a DND or CAF network or IT system. See Information Management Protocol - Instant Messaging Using a Mobile Device for additional information on communication methods, including phone, email, SMS texting and messaging using personal identification numbers.

4.39. In accordance with IM practices, transitory information must be disposed of when it has outlived its usefulness and is no longer required. See DAOD 6001-1 for additional information on IM practices and the disposition of transitory information.

5. Compliance and Consequences

Compliance

5.1. DND employees and CAF members must comply with this DAOD. Should clarification of the policies or instructions set out in this DAOD be required, DND employees and CAF members may seek direction through their channel of communication or chain of command, as appropriate. Managers and military supervisors have the primary responsibility for and means of ensuring the compliance of their DND employees and CAF members with this DAOD.

Consequences of Non-Compliance

5.2. DND employees and CAF members are accountable to their respective managers and military supervisors for any failure to comply with the direction set out in this DAOD. Non-compliance with this DAOD may result in administrative action, including the imposition of disciplinary measures, for a DND employee, and administrative or disciplinary action, or both, for a CAF member. Non-compliance may also result in the imposition of liability on the part of Her Majesty in right of Canada, DND employees and CAF members.

Note – In respect to the compliance of DND employees, see the Treasury Board Framework for the Management of Compliance for additional information.

6. Responsibilities

Responsibility Table

6.1 The following table identifies the responsibilities associated with this DAOD:

The … is or are responsible for …

ADM(IM)/CIO
  • ensuring MWD services meet the requirements of the DND and the CAF; and
  • approving MWD:
    • directives, instructions, standards, guidelines and terms of use; and
    • models for use within the DND and the CAF.

L1s and Comds of a command or formation
  • issuing amplifying MWD direction and guidance within their organizations;
  • ensuring MWD users within their organizations are aware of, and comply with, the provisions in this DAOD;
  • approving MWD models for use within their organizations;
  • managing any MWD cost-recovery action in their organizations that is initiated by the Treasury Board;
  • appointing BVAs and MWD custodians to ensure the appropriate management of their MWDs as required;
  • establishing the management or supervisory level for authorizing the use of MWDs by DND employees and CAF members; and
  • establishing procedures to ensure the appropriate management of MWDs issued to MWD users.

Comd CJOC
  • coordinating MWD requests for deployed MWD users.

DGIMO
  • providing end-user support and communications for deployed MWD users, e.g. changes in procedures, new service offerings, security bulletins and service outages;
  • managing MWDs for OUTCAN MWD users who are not part of OUTCAN Europe; and
  • planning, sourcing and allocating funds to support MWD services for deployed operations and OUTCAN MWD users.
DIMCD
  • providing L1s and Comds of a command or formation with reports on their MWD inventory and expenses in order to enable monitoring and control of MWD usage;
  • providing MWD invoicing support to the DND and the CAF; and
  • monitoring excessive usage of MWDs.
DIMEI
  • testing standard and non-standard MWDs and their configurations;
  • recommending the approval of new MWD models; and
  • developing MWD capability integration plans for DND and CAF IT systems.
directors and COs
  • approving in writing MWD use that may incur additional costs to the DND or the CAF; and
  • understanding and accepting responsibilities relating to the cost of MWDs and any additional capabilities.
managers and military supervisors
  • ensuring MWDs are authorized for use by DND employees and CAF members requiring the capability;
  • ensuring that MWDs are managed as GC, DND and CAF assets and that applicable policies, directives, instructions and procedures are respected;
  • rejecting MWD move requests for MWDs that are assigned to a position;
  • ensuring that MWDs no longer being used or required are returned to an MWD custodian, a manager or a military supervisor; and
  • ensuring their MWD users submit an EITSM service request to initiate the return of their MWD.
IT SMC
  • receiving, logging and tracking service requests for MWDs and forwarding requests to the appropriate service provider for fulfillment;
  • providing end-user support and communications for MWD users, e.g. changes in procedures, new service offerings, security bulletins and service outages; and
  • requesting the appropriate disposal of MWD in accordance with ITSP.40.006.
IT SMC Europe
  • managing MWD requests and providing MWDs for OUTCAN Europe MWD users;
  • providing end-user support and communications for OUTCAN Europe MWD users; and
  • requesting the appropriate disposal of OUTCAN Europe MWDs in accordance with ITSP.40.006.
Defence Service Operation Centre
  • submitting MWD service requests and incident reports to SSC, CJOC and DGIMO for more extensive support on behalf of IT SMCs and local service desks; and
  • providing IT SMC support and communications for MWD users, e.g. changes in procedures, new service offerings, security bulletins and service outages.
BVAs
  • approving the procurement or replacement of an MWD for a DND employee or CAF member in their unit or other organization.
MWD custodians
  • accepting the return of MWDs that have been issued to a position in their unit or other organization;
  • managing the inventory of MWDs that have been issued to their unit or other organization;
  • reissuing an MWD to an MWD user when the reissue is approved by a manager or military supervisor; and
  • returning MWDs no longer required to their local IT SMC.
DND employees and CAF members who authorize contracts
  • including MWD requirements in contracts that provide for contractors who are issued an MWD to:
    • comply with this DAOD and DAOD 6002-2, and all other GC, DND and CAF policies, directives, instructions, standards and guidelines in respect of MWDs;
    • return their assigned MWD at the completion or termination of their contracts; and
    • submit a service request using the EITSM self-service portal when returning an MWD.
DND employees and CAF members
  • complying with all GC, DND and CAF policies, directives, instructions, standards and guidelines in respect of MWDs; and
  • applying appropriate IM practices to all information assets and transitory information sent and received on MWDs.

7. References

Acts, Regulations, Central Agency Policies and Policy DAOD

Other References

Page details

Date modified: