As mobile devices on campus continues to grow, it is important that faculty, staff and students at the University adopt practices and procedures for mobile storage devices to ensure that confidential and private data stored on these devices is protected.
These devices and the data contained on them when left unsecured, are susceptible to theft and possibly to exploitation.
When at all possible, protected or restricted datashould not be stored on mobile storage devices. If sensitive data is stored on a mobile device the following practices should be adopted:
Maintain a Clean Device
Keep your security software, browsers and operating systems up to date
Keep your applications up to date. Many updates add new features and better security
Monitor your device’s data usage and investigate anomalies
Know the source of your app. Be sure to only use trusted sources
Do not “jailbreak” or “root” your mobile device. A non-standard configuration may prevent the installation of security updates and may void your warranty
Restrict Device Access
Use a password to access the device and set the device to auto-lock during inactivity
Protect specific files with a password if possible
Do not share your device with other people
Use locking security cables for mobile computers and lock offices, cabinets or desk where devices are stored
Ensure your doors are locked and devices are out of sight when in a vehicle
Avoid leaving your device unattended in a public area
Institute a check-out procedure to track shared devices in a Department or Faculty
Use an encrypted USB Flash drive
Compliance with the Mobile Encryption Standard (coming soon)
Getting Connected
Turn off wireless, Bluetooth and infrared access when not in use
Wireless access should be configured to ask for a password before connecting
Unknown or untrusted networks should not be used to transfer sensitive data
Safety Online
When in doubt throw it out. Always be suspect of links or attachments in email, posts and texts
Check for secure connections or websites starting with "https://" - especially when making purchases
Learn the security and privacy features of your social media applications. Be comfortable with the information you share
Be a Good Online Citizen
Share about others only as you would be comfortable having them share about you
Never give out anyone’s personal information to a third party without permission. This includes email, social media names, numbers, photos or videos
Lost or Stolen Devices
Immediately report the loss, theft or unauthorized use of the device
Capable devices should be wiped remotely in the event of loss or theft