Mobile Devices
This day and age, mobile devices (from smart phones to tablets) are commonly seen across the Duke landscape. While such devices cannot be secured in the same way as your desktop or laptop computer, you should still take some precautions, we recommend the following:
| iOS (6.x+) | Android OS (4.x+) | |
| Update OS: | (Settings -> General -> Software Update) | (Settings -> About Phone -> System Updates) |
| Set a passcode / screen lock: | (Settings -> General -> Passcode Lock) | (Personal -> Security -> Screen Lock) |
| Enable encryption: | Enabled once the Passcode Lock is configured | (Personal -> Security -> Encryption) |
| Remote wipe: |
1.) Sign in to iCloud with your AppleID at https://www.icloud.com 2.) Choose "Find My iPhone". 3.) Select the appropriate device. 4.) Click "Erase iPhone" from the device screen. *Requires iCloud configuration and the Find My iPhone app. |
Not all Android devices provide remote wipe capabilitites by default. Check your mobile provider to see if they offer apps with this functionality. Alternatively, check the Play Store for many 3rd party remote wipe products. |
System Updates & Security Software
Mobile devices are susceptible to malware, viruses, and similar threats. Please ensure your software is always up-to-date and install security applications when available.
Password & Encryption
Ensure you password protect the device to prevent un-authorized access. Use passwords to help protect your privacy if your device is lost or stolen.
Password protect any important documents that are kept on your device. Your grocery list doesn't need a password, but you don't want confidential information in the hands of a thief. Various applications are available for each device that allow this type of security.
Encryption helps to obfuscate critical data on the device if it's ever lost or stolen.
Never leave a smartphone unattended, even for just a minute. Make it a habit to keep the phone close at all times.
Keep only the documents you really need on your smartphone, and remove and archive older files you don't actively use anymore.
Never allow your cell phone software to automatically supply a password for you. If you do, it means that anyone with your phone can access your accounts.
Remote Wipe
If you have a Duke-owned device, consult with IT staff regarding options and configuration to remotely wipe data from the device in the event that it is lost or stolen.
For personal devices, consider the steps outlined in the above chart to allow for remotely wiping a device when needed. University Exchange accounts can also wipe a device using the Outlook Web App (exchange.oit.duke.edu). When viewing your account options, click "Phone" in the left hand. Devices configured to access your Exchange account will be displayed along with the option to wipe the device.
***Akin to the topic of remotely wiping a device, using applications such as Prey (http://preyproject.com/), an open source anti-theft solution available for multiple platforms on various devices, will allow you certain options should your device get stolen.***
VPN
Only connect to Duke via the Internet when using the Duke VPN client. Review the knowledgebase article from OIT concerning the university VPN FAQs which include connecting to the VPN client from mobile devices.