Mobile Device Security Best Practices

Your tablet, smart phone, or e-reader is easy to use around campus because it is portable. However, it also carries a risk of being lost, stolen or misplaced. In addition, such devices may have weak authentication mechanisms that can be compromised or easily disabled. The risk to you and The University of Chicago is even greater if the device can access and store confidential data, or what the University has defined as sensitive data.

In order to help mitigate the risk, we provide guidance on actions you should take to protect your own data and that of others.

General Security

  • Password protect your device and enable auto-lock. Choose the strongest password that your device can support.
  • Consider using an image that provides a contact point should someone find your device and wish to return it.  For example, the “If Found Lock Screen” for Apple products.
  • Follow standard security protocols, such as making sure all operating system and application updates and patches are installed.
  • Wipe the data on your mobile device before disposing of it. Also enable a remote wipe feature in case you have to do so if it is lost. This may include features that will delete stored data on your mobile device if a password is entered incorrectly after a certain number of times. Check with your mobile device provider for specific information concerning your device. Users of who are running Microsoft Exchange (xMail) on their mobile device can wipe an entire device when removing their xMail data remotely. Blackberries have to be using ITS xMail services and use Blackberry Enterprise Services (BES) for syncing. To request a data wipe, email IT Services or call 773-702-5800. Some devices may be listed, but their support varies by official phone vendor. Jailbroken, rooted, non-manufacturer ROM-based devices may not respond to the wipe command.
  • Report lost, stolen, or misplaced mobile devices to the police immediately. Wipe its data remotely. If your mobile device contained UChicago sensitive data email IT Security or call 773-702-2378 immediately. For technical assistance email the ITS Service Desk or call 773-702-5800.

Transmission Security

  • Disable wireless access, such as Bluetooth or Wi-Fi, etc., when not in use to prevent unauthorized wireless access to the device.