Mobile Device Guidelines
Mobile computing devices and services covered by these guidelines include:
- Smart phones (such as Blackberry’s, iPhones, Android phones, etc.)
- Tablets, portable storage, or hand-held computers (i.e: iPads, Palm Pilot’s, Flash drives, etc.)
Risks of using a mobile device in the University enterprise
Most mobile devices available these days are capable of storing large amounts of data, are frequently unsecured, and easily lost or stolen. For these reasons, the potential of an unauthorized person accessing the data stored on these devices can pose a high risk to the University and our community members if sensitive or confidential data is stored on the device.
Data Security Restrictions
The best way to secure University data is not to store this information on a mobile device. Data that includes personal and financial information should never be stored on a mobile device. This includes, but is not limited to Social Security and credit card numbers, personal addresses, grades, medical information, and other personal and financial data.
Standards for the use of Mobile Computing Devices
In accordance with this and other University policies, mobile devices used for business purposes are to be used in a responsible manner.
These guidelines are mandatory requirements for any device used for business purposes (university owned or personnel) and individuals are responsible for understanding and implementing them.
- Label your device with a name and phone number to make the device easy to return if lost.
- Configure a passcode to gain access to the device.
- Set an idle timeout that will automatically lock the phone after a period of time.
- Keep all software, including the operating system and applications, up to date.
- Enroll your device in “Find My iPhone” or similar service to help locate the device if misplaced.
- If capable, configure the device to use hardware encryption.
- Do not “jailbreak” or “root” your device.
In addition to the guidelines above, University-owned devices are subject to the following:
- Devices must be enrolled in the University Mobile Device Management Service.
- The University may implement security capabilities (such as “remote wipe”) on certain devices when possible.
- Users must immediately report lost or stolen devices to the OIT Help Desk.