Mobile Device Security

Purpose

NC State University Computer Use Regulation requires authorized users to take appropriate precautions to secure access to assigned university accounts and IT resources. In accordance with the <ahref=”http://policies.ncsu.edu/regulation/reg-08-00-02″>NCSU REG08.00.02 regulation, the following requirements and guidelines are intended to help NC State mobile device users protect sensitive university data in the event the device becomes compromised, lost or stolen. Vendor-specific security measures may be appropriate for some devices.

Scope

These requirements and recommendations apply primarily to university personnel who access university data (including email) via their personal or university-owned mobile device.

Definitions

  • “University Personnel” includes all employees of the university whether permanent, temporary, full-time or part-time, faculty, staff, administrators, student employees and agents of the university (including volunteers but not including independent contractors) to the extent they are acting within the scope of their agency authority.
  • “University Data” is defined as all information content related to the business of NC State University that exists in electronic or digital form, and also such information that exists in other forms (e.g. ink on paper). “Data” includes but is not limited to electronic communications, text, graphics, video, audio, still images, databases, and spreadsheets.
  • “Access” to data is the ability to view, retrieve, alter, or create data.
  • The term “mobile device” includes smart phones, PDAs, laptops, tablets, and all other portable devices

The next two sections talk about: 1) What constitutes a secure mobile device, and 2) The steps to take to make your particular device secure. If you want to know:

  • What has to be done, skip to What constitutes a secure device.
  • How to do it, skip to How to secure your device.

What constitutes a secure device

There are both required and recommended (optional) elements of a secure mobile device. The required elements of security apply to any device—whether it’s personally-owned or university-owned or issued—that accesses university data, including email. Visit Mobile Device Security Requirements and Recommendations to see all requirements and recommendations, or click on individual items below to see the details for that item or group of items.

Examples of seeing details: Click on Securing your device to see all the required and recommended things that comprise making your device secure. Click on Password Protection/Lock to see both the required and recommended things to be done specifically for password protecting and locking a device.

  1. Securing your device
  2. Securing your data
  3. Securing your communications
  4. Emerging technologies

How to secure your device

Do-it-yourself instructions to implement requirements and recommendations on each device are being devised.

Note: This section is being updated as instructions and presentations become available for the respective devices.