DAOD 6002-3, Management of Mobile Wireless Devices
Table of Contents
Date of Issue: 2012-04-18
Date of Last Modification: 2022-10-14
Application: This DAOD is a directive that applies to employees of the Department of National Defence (DND employees) and an order that applies to officers and non-commissioned members of the Canadian Armed Forces (CAF members).
Approval Authority: Assistant Deputy Minister (Information Management) / Chief Information Officer (ADM(IM))/(CIO)
Enquiries:
- Director Information Management Capability Development (DIMCD) for interpretation of mobile wireless device (MWD) asset tracking and cost requirements
- Outside Canada (OUTCAN), Director General Information Management Operations (DGIMO) for interpretation of MWD engineering, configuration, integration and information technology (IT) service management requirements
- Within Canada, Director Information Management Engineering and Integration (DIMEI) for interpretation of MWD engineering, configuration, integration and IT service management requirements
mobile wireless device (dispositif mobile sans fil)
A cellular telephone, smart phone, pager, personal digital assistant, cellular modem or any other mobile device with an integrated capability for utilizing wireless telecommunication services. (Defence Terminology Bank record number 47433)
transitory information (information éphémère)
Information that is required only for a limited time to complete an action or develop other information. (Defence Terminology Bank record number 696515)
3. Overview
Interpretation
3.1. In this DAOD, “MWD users” refers to:
- DND employees and CAF members who have been issued an MWD; and
- contractors and other persons who have been issued an MWD by or on behalf of the Deputy Minister of National Defence or the Chief of the Defence Staff.
3.2. In this DAOD, unless the context otherwise requires, any reference to an “MWD” relates only to an MWD issued by the Government of Canada (GC), the DND or the CAF to an MWD user.
Context
3.3. MWDs are an important tool for communication within the DND and the CAF. As such, the DND and the CAF are responsible for ensuring that GC, DND and CAF MWDs issued to MWD users are properly managed in order to ensure their use is secure and effective, and that the resources necessary to support them are used efficiently.
3.4. DND and CAF MWDs are attractive targets for foreign military and intelligence services, and for terrorist organizations, and must be managed accordingly.
3.5. This DAOD should be read in conjunction with:
- the DND and CAF IM and IT Policy Framework;
- DAOD 6002-1, Management of Information Technology; and
- other relevant IT policies, directives, instructions, standards and guidelines.
Application of DAOD 6002-2, Acceptable Use of the Internet, Defence Intranet, Computers and Other Information Technology Systems
3.6. As an MWD is included in the definition "information technology system" (IT system) in DAOD 6002-2, MWD users are also required to comply with applicable provisions in that DAOD when using an MWD.
MWD Support Services
3.7. MWD support services are provided by the following organizations:
- Shared Services Canada (SSC) and IT service management centres (SMC) for MWD users located in Canada and the United States of America (USA);
- DGIMO for OUTCAN MWD users who are not on deployed operations or OUTCAN Europe;
- IT SMC Europe for OUTCAN Europe MWD users; and
- Canadian Joint Operations Command (CJOC) for MWD users on deployed operations.
Business Value Authorizers (BVAs)
3.8. BVAs are DND employees or CAF members who have been appointed by their level one advisor (L1) or commander (Comd) of a command or formation to authorize the issuance of a new or replacement MWD for their unit or other organization.
MWD Custodians
3.9. MWD custodians are DND employees and CAF members who have been appointed by their L1 or Comd of a command or formation to manage MWDs on behalf of their unit or other organization.
Objective
3.10. The objective of this DAOD is to provide direction on the use and management of MWDs within the DND and the CAF.
Note – This DAOD does not apply to the use of satellite telephones and their related services.
4. Operating Principles
Issuance
4.1. A new MWD may only be issued to a DND employee or CAF member when the issue is:
- recommended by their manager or military supervisor; and
- authorized by their BVA as required.
4.2. DND employees and CAF members who authorize the issuance of MWDs to contractors and persons other than DND employees and CAF members must ensure their compliance with this DAOD and DAOD 6002-2 by including appropriate terms in their contracts or by otherwise obtaining their consent to comply.
4.3. The MWD custodian of a unit or other organization may only reissue an MWD to a DND employee or CAF member when the reissue is approved by their manager or military supervisor.
4.4. In accordance with GC, DND and CAF policies, directives and instructions, and local standard operating procedures, a DND employee or CAF member may only acquire an MWD and related services through their DND or CAF mobile service organization or IT SMC.
4.5. An MWD must be managed and supported through a:
- DND or CAF IT SMC; or
- MWD custodian of a unit or other organization.
4.6. L1s and Comds of a command or formation must establish procedures within their organizations for:
- ensuring the appropriate management and use of MWDs, including any cost-recovery action initiated by the Treasury Board;
- setting the level of management or supervision for authorizing the use and procurement of MWDs;
- planning and allocating sufficient funds for MWD costs incurred by their organizations; and
- ensuring that any use of MWDs that might incur additional costs is pre-approved in writing.
4.7. MWD users must read and accept the applicable MWD end-user agreement before an MWD is issued to them. The client acceptance page in the Enterprise Information Technology Service Management (EITSM) self-service portal is used to meet this requirement.
4.8. An on-call or duty-related MWD may be shared. However, the approving authority for this capability must ensure that the MWD is used in accordance with this DAOD and DAOD 6002-2, and that all authorized MWD users sign and accept the applicable MWD end-user agreement that is used by the local unit, other organization or IT SMC, e.g. form DND 4260-E, User Agreement on the Acceptable Use of Mobile Wireless Devices in the DND and the CAF.
4.9. Form DND 4260 is used to inform MWD users of the conditions of use of an MWD and their due diligence responsibilities, and to obtain their consent to comply with the conditions of use and their responsibilities in respect of MWDs. See form DND 4260 for additional information on the conditions of use and due diligence responsibilities.
Official, Authorized, Unauthorized and Prohibited Uses
4.10. MWDs are considered to be IT systems and are therefore subject to DAOD 6002-2, which sets out direction for DND employees and CAF members on the official, authorized, unauthorized and prohibited uses of IT systems. See DAOD 6002-2 for additional information on official, authorized, unauthorized and prohibited uses.
MWD Specific Prohibitions
4.11. It is prohibited for any MWD user to:
- connect an MWD to any DND or CAF IT system using a universal serial bus (USB) as the MWD may have the capability to interconnect with an internal or external network and this could compromise the integrity of a DND or CAF IT system;
- connect an MWD to any personal device, e.g. a personal computer or personal laptop;
- pair an MWD with a smart watch;
- tether an MWD by a USB as a tethered MWD may have the capability to interconnect with an internal or external network and this could compromise the integrity of a DND or CAF IT system;
- use a non-GC, DND or CAF issued or procured subscriber identity module (SIM) card, including a primary, secondary, dual or embedded SIM card, in an MWD; or
- connect a personal MWD or an MWD of another government department to a DND or CAF IT system or network infrastructure.
Permitted MWD Accessories, Pairing, Hotspots and Microsoft Authenticator App
4.12. Only the following accessories may be used with an MWD:
- a charging adapter; and
- headphones.
4.13. Pairing an MWD with a Bluetooth device, other than a smart watch, is permitted.
4.14. The use of MWD hotspot capabilities is permitted. However, using the hotspot method may use large amounts of data and incur additional cost for the DND and the CAF. See paragraphs 4.6 and 4.16 to 4.20 for additional information on MWD additional costs.
4.15. The Microsoft Authenticator App or alternate authentication method can be installed on any MWD provided that it is registered and configured using the applicable D365 email address.
International Travel
4.16. MWD users on international travel are responsible for ensuring that they do not incur any additional costs to the DND or the CAF unless approved by a DND director, Comd of a command or formation, or commanding officer (CO).
4.17. A separate written approval by a DND director, Comd of a command or formation, or CO is required prior to international travel when an MWD may be used.
4.18. During international travel, an MWD user may use an MWD for official use only.
4.19. All data usage outside the country where the MWD was issued, including social media, email, web browsing, smartphone apps and other similar capabilities, incur additional charges. Voice calls and text messaging while travelling outside the country where the MWD was issued also incur higher charges. MWD users will receive an alert on their MWD if they enter an area where roaming charges apply, and they will receive notification messages when certain data usage thresholds are reached, depending on the country in which they are roaming.
4.20. MWD users can assist in managing MWD costs while on international travel by:
- turning off data roaming whenever possible;
- using Wi-Fi services;
- only opening email attachments that are essential to business;
- minimizing texting; and
- keeping conversations brief.
4.21. For travel to high-risk countries, MWD users should contact the Travel and Contact Security Program for recommendations. High-risk countries are defined by the GC Travel Advice and Advisories for Destinations at the time of lookup.
Deployed Operations and OUTCAN
4.22. MWDs provided by SSC and IT SMCs are not permitted on any deployed operation without the written authorization of the operational Comd.
4.23. MWDs for deployed operations and OUTCAN are provided by the applicable CAF mobile service provider as follows:
- deployed operations – MWD requests for deployed users are coordinated by CJOC J6;
- OUTCAN Europe – MWD requests for OUTCAN Europe users are managed by IT SMC Europe; and
- other OUTCAN postings – MWD requests for OUTCAN users that are not part of deployed operations or OUTCAN Europe are managed by DGIMO J3.
Use of Additional Capabilities
4.24. Capability modifications to an MWD must be assessed and approved through the DND and CAF IT change management process.
Classified or Protected Information
4.25. MWD users must be aware of and restrict voice and data communications to the approved sensitivity level of the MWD, i.e. Confidential, Secret, Top Secret, or Protected A, B or C. See Section 5 of the National Defence Security Orders and Directives (NDSOD) for additional information on physical security.
Unclassified Information
4.26. MWD users must be aware that information on an MWD that is not sensitive is categorized as unclassified information and can be identified with a caveat, e.g. for official use only or limited distribution. Caveats can restrict access to the information and the information must not be distributed beyond or discussed with anyone other than the intended audience or addressees. See Section 6 of the NDSOD for additional information on the security of information.
Expectation of Privacy
4.27. MWD users have a limited expectation of privacy when using an MWD as it is subject to monitoring for purposes of system administration, maintenance and security to ensure compliance with applicable GC, DND and CAF policies, directives, instructions and standards.
4.28. MWD users must sign out of their Google account or Apple ID before they return their device to enable its reuse or disposal. MWD users must also ensure that they remove all DND, CAF and personal information from their MWD by completing a factory data reset for an Android phone or resetting all content and settings for an iPhone. MWD users must transfer all information assets to a corporate repository, e.g. RDIMS or GCdocs, before resetting their MWD. See paragraphs 4.38 and 4.39 for additional information on information management (IM) practices.
Review of MWD Records
4.29. To ensure the cost-effective and authorized use of an MWD, an MWD approving authority may periodically, or as directed by their L1, DND or CAF organization, or IT SMC, examine detailed records of MWD usage.
Cost Recovery for Personal Use
4.30. MWD users must identify any personal use of an MWD and refund the cost to the Receiver General for Canada. The applicable L1 or Comd of a command or formation must establish procedures in their organizations for the implementation of cost recovery for personal use. See paragraph 4.5 of this DAOD and DAOD 6002-2 for additional information.
IT Asset Management
4.31. The requirement for an MWD may be assigned to:
- a DND employee or CAF member who may retain their MWD when they move within the DND or the CAF in Canada; or
- a position within a unit or other organization, which may be reassigned to another position within that same unit or other organization as required.
4.32. MWD users who are returning their assigned MWDs, for example, when retiring or leaving the DND or on release from the CAF, or on a posting outside Canada, must:
- submit the return mobile device service request by the EITSM self-service portal for Canada and USA mwd users, or by the applicable CAF mobility service; and
- return any assigned MWDs to their MWD custodian, manager, military supervisor, CO or Comd of a command or formation.
4.33. MWD users who are moving within the DND or the CAF in Canada must submit a service request to ensure that the MWD vendor portal and configuration management database are updated.
4.34. MWD users must ensure that the firmware and software of their MWD are updated as directed by their IT SMC.
4.35. MWD users must return any non-functional MWD, whether due to irreparable malfunction, uneconomical repair or obsolescence, to an MWD custodian, manager or military supervisor of their unit or other organization.
Note – If possible, prior to the return of an MWD, MWD users must sign out of their Google account or Apple ID and reset all settings and content. See paragraph 4.28 for additional information.
4.36. MWD users must:
- secure their MWD to prevent loss, theft or damage;
- contact the applicable IT SMC immediately if their MWD is suspected to be compromised, lost or stolen;
- return their MWD if it is no longer required, or when retiring or leaving the DND or on release from the CAF; and
- submit a service request using the EITSM self-service portal when returning their MWD.
Disposal
4.37. MWDs must be sanitized and disposed of in accordance with the IT security guidance on IT Media Sanitization (ITSP.40.006).
Information Management
4.38. In accordance with DAOD 6001-1, Information Management Programme, DND employees and CAF members must document business activities, decisions and decision-making processes, regardless of form or format, and store them in an approved records management system. These requirements apply to phone calls and messages sent between MWDs, such as instant messaging or short message service (SMS) texts, even if they are not sent on a DND or CAF network or IT system. See Information Management Protocol - Instant Messaging Using a Mobile Device for additional information on communication methods, including phone, email, SMS texting and messaging using personal identification numbers.
4.39. In accordance with IM practices, transitory information must be disposed of when it has outlived its usefulness and is no longer required. See DAOD 6001-1 for additional information on IM practices and the disposition of transitory information.
5. Compliance and Consequences
Compliance
5.1. DND employees and CAF members must comply with this DAOD. Should clarification of the policies or instructions set out in this DAOD be required, DND employees and CAF members may seek direction through their channel of communication or chain of command, as appropriate. Managers and military supervisors have the primary responsibility for and means of ensuring the compliance of their DND employees and CAF members with this DAOD.
Consequences of Non-Compliance
5.2. DND employees and CAF members are accountable to their respective managers and military supervisors for any failure to comply with the direction set out in this DAOD. Non-compliance with this DAOD may result in administrative action, including the imposition of disciplinary measures, for a DND employee, and administrative or disciplinary action, or both, for a CAF member. Non-compliance may also result in the imposition of liability on the part of Her Majesty in right of Canada, DND employees and CAF members.
Note – In respect to the compliance of DND employees, see the Treasury Board Framework for the Management of Compliance for additional information.
6. Responsibilities
Responsibility Table
6.1 The following table identifies the responsibilities associated with this DAOD:
The … | is or are responsible for … |
---|---|
ADM(IM)/CIO |
|
L1s and Comds of a command or formation |
|
Comd CJOC |
|
DGIMO |
|
DIMCD |
|
DIMEI |
|
directors and COs |
|
managers and military supervisors |
|
IT SMC |
|
IT SMC Europe |
|
Defence Service Operation Centre |
|
BVAs |
|
MWD custodians |
|
DND employees and CAF members who authorize contracts |
|
DND employees and CAF members |
|
7. References
Acts, Regulations, Central Agency Policies and Policy DAOD
- Access to Information Act
- Financial Administration Act
- Privacy Act
- Framework for the Management of Compliance, Treasury Board
- Values and Ethics Code for the Public Sector, Treasury Board
- Policy on Service and Digital, Treasury Board
- Directive on Service and Digital, Treasury Board
- Information Management Protocol – Instant Messaging Using a Mobile Device, Treasury Board
- DAOD 6002-0, Information Technology
Other References
- DAOD 6001-1, Information Management Programme
- DAOD 6002-1, Management of Information Technology
- DAOD 6002-2, Acceptable Use of the Internet, Defence Intranet, Computers and Other Information Technology Systems
- DAOD 6002-9, Information Technology Asset Management
- DAOD 6003-1, Information Technology Security Programme
- DND and CAF IM and IT Policy Framework
- National Defence Security Orders and Directives
- Travel Advice and Advisories by Destination, Government of Canada
- IT Media Sanitization (ITSP.40.006), Canadian Centre for Cyber Security
- Form DND 4260-E, User Agreement on the Acceptable Use of Mobile Wireless Devices in the DND and the CAF
- Defence Forms Catalogue (DFC), ADM(IM) intranet site
- Enterprise Information Technology Service Management, ADM(IM) intranet site
- IM and IT DAOD, Standards and Guides, ADM(IM) intranet site
- IM and IT Policy Instrument Development, ADM(IM) intranet site
- Interim Directives, Instructions and Other Correspondence, ADM(IM) intranet site
- Travel and Contact Security Program (TCS), VCDS intranet site
Page details
- Date modified: