Service Desk

Information Technology Services

Best Practices and Guidelines

 
  • Always use an encrypted, secure network
    • On-campus: Secure Mustang Wireless Network (WPA2)
    • Off-campus:
      • Turn off "Ask to join networks" and auto-join for all networks.
      • Use the cell carrier's network instead of an insecure WiFi network.
      • Use public WiFi hotspots with caution and configure the smartphone so that it does not connect automatically.
      • Use only trusted networks for sensitive matters.
  • Perform Security Updates
    Anti-virus/security software should be installed, configured for on-access scanning. Operating system, applications, anti-virus/security software, and firmware updates should be set to automatic (e.g. checked daily).
     
  • Change Default Settings
    • Enable passcode and autolock.
    • To protect against data snooping or injection attacks, when establishing a connection between a mobile device and a wireless accessory (e.g. Bluetooth pairing), set a new value for the PIN or password instead of using the default/zero/null value.
    • Applications, options and services that are not required should be turned off or uninstalled.
    • Disable SMS preview or equivalent.
    • Turn on airplane mode when you do not need the phone, GPS, radio, Wi-Fi, or Bluetooth
  • Never Store Sensitive, Unencrypted Data
    Mobile devices used to store, process or transmit sensitive data should be configured with whole-disk encryption. Do not store application passwords or Web site passwords.
     
  • Require Authentication
    This is a simple step that many people fail to do. All mobile devices have the ability to lock the screen and require a password or code to access it.
  • Use Physical Tethering
    Keep your device on you at all times and never leave it unattended.
     
  • Backup Regularly
     
  • Turn off Bluetooth
    When not in use, turn off Bluetooth. Leaving your device discoverable can leave your device open to hackers.
  • Remote Wiping / Erasing Capabilities
    Most mobile devices have the ability to locate and/or wipe your device if lost or stolen. For devices that do not have this ability, there are third party apps available or this service may be offered through your carrier.
  • Applications

    Before installing or using new smartphone apps or services, check their reputation using app-store reputation mechanisms and, if possible, with friends, family or colleagues.

    For example, It is good practice to install apps only from the Apple app store.

    Never install any software onto mobile devices unless it knows and trusts the source of that software and expects to receive it. This refers to any software or application that users receive on their devices through any channel (e.g., by download over WAP/web, attached to an SMS, MMS, instant message or e-mail, through Bluetooth, or data connection, via synchronization with a computer or from a memory card or other temporary storage device read by the phone).

    Never ignore or override security prompts displayed unless you are confident that you fully understand the risks associated with these actions.

  • Lost or Stolen?
    • Remote wipe the device (if possible).
    • Immediately change all saved passwords  stored on the device (if unencrypted).
    • If university-owned property, contact Property Services.

Related Content

Service Catalog

Service Catalog

SERVICES FOR THE CAMPUS

Find the technical services you need, get more information or find help in the Service Catalog. 

See our Service Catalog

Get Help

Go to Help & Support

Check Out

Equipment Checkout

Book a variety of equipment from the Media Resource Center online with Connect2.

Check Out Equipment

Office 365

Microsoft Office 365 Education provides improved mail, calendar, file storage & sharing.

Learn More

Wi-Fi

Secure Mustang Wireless gives you a secure wifi connection on campus.

 

Secure Mustang Wireless