Protect data on your mobile device

On this page:


Overview

Like desktop computers, mobile devices (smartphones, tablets, laptops, and notebook computers) are frequently used to access and store both personal and institutional information. However, because of their portability, mobile devices are more susceptible than desktop systems to loss and theft. Following are safeguards you can use to reduce the risk of someone accessing personal and institutional data when your mobile device is lost or stolen.

At Indiana University, any faculty or staff member, affiliate, or student-employee who uses a mobile device to access, store, or manipulate institutional data must:

  • Apply appropriate safeguards to the device to mitigate the risk of information exposure due to loss or theft.
  • Report any device that is lost, stolen, or otherwise compromised to it-incident@iu.edu.
  • Wipe (erase) all data stored on any device before transferring ownership (for example, by sale or trade-in).

For details, including specific safeguards required for mobile devices, see Mobile Device Security Standard (IT-12.1).

Note:
If your mobile device is lost or stolen, follow the instructions in If your computer or other device is stolen.

Keep your device physically secure

The most effective method of protecting the data on your mobile device is to protect the device itself:

  • Either keep your device with you at all times or leave it in a secure physical location. This can prevent not only malicious access to your data, but inadvertent or accidental loss or damage of your data (such as when a child finds your device and attempts to use it).
  • Keep records of your device's identifying information, such as its MAC address, serial number, and the date and place of purchase. This information can help authorities track or identify a lost or stolen device.

For additional safeguards against data loss and theft, see Laptop and Mobile Device Security.

Use data encryption on laptops and notebook computers

Using a whole-disk encryption program is the best safeguard against unauthorized access of data on your laptop or notebook computer. Such applications use strong encryption methods that protect your device's hard drive while allowing you easy access to your data. For disk encryption, UITS recommends the following:

Enable security features on smartphones and tablets

UITS recommends the following mobile operating systems for smartphones and tablets; see the corresponding documents for information about configuring security and encryption settings:

Operating system Instructions
iOS 4.0+ Secure your iPhone, iPad, or iPod touch
Android 2.3+ (must be upgradable to 4.0)   Secure your Android OS device

Specific security features vary between devices and operating systems. Use whichever features your device offers that provide the best security for your needs:

  • Password, passcode, or PIN: Setting a password, passcode, or PIN to access your device is generally simple and effective. Use a code that is four digits or longer, and keep it secret, like you do for your email password or passphrase. See Your IU passphrase.
  • Unlock pattern: Some handheld devices let you set unlock patterns that function like PINs. Use a pattern with some complexity (for example, with at least five points), keep it secret, and protect it from observers. Additionally, be aware that smudges on the face of your device may reveal your pattern to unauthorized users.
  • Device lockout: Most handheld devices provide a lockout option that locks the device if someone makes several consecutive unsuccessful attempts to enter the password, PIN, or pattern. Using the lockout option can thwart a brute-force attempt to guess your password, PIN, or pattern. Setting the lockout limit to 10 attempts is usually sufficient.
  • Auto-wipe: Auto-wipe is similar to the lockout option, but more secure. After several consecutive unsuccessful password, pattern, or PIN attempts, the device will automatically erase (wipe) all stored data and reset itself to the factory defaults.
    Note:
    When you use the auto-wipe option, make sure to back up your data regularly (for example, to a desktop computer or a cloud storage service). Consult your device's documentation for instructions on backing up data.
  • Encryption: Certain handheld devices are capable of employing data encryption. Consult your device's documentation or online support resources for information about available encryption options. (For Surface tablets, see Encrypt your Surface tablet using BitLocker).
    Important:
    IU's Mobile Device Security Standard (IT-12.1) requires the use of data encryption on handheld devices used to access, store, or manipulate Critical data at IU. Such use also requires "written approval from the senior executive of the unit involved or the Institutional Review Board confirming a critical business need".

The following common features are frequently useful, but can also create security risks. You may want to consider disabling them:

  • Bluetooth: Consider disabling Bluetooth connectivity on your device unless you need it. Hackers and data thieves can use Bluetooth connections to "eavesdrop" on your device and access your sensitive data.
  • GPS: Consider disabling Global Positioning System (GPS) and other location services unless you need them. Your physical location (or the locations of your device) is a piece of sensitive data that you may not want stored or broadcast. Conversely, if your device is GPS-enabled, some apps and services (such as Find My iPhone) can help locate your device if it is lost or stolen.

This is document bcnh in the Knowledge Base.
Last modified on 2024-01-10 09:26:34.