Other mobile devices
Confidential data should not be stored on mobile devices
It is relatively difficult to provide the levels of security and encryption appropriate to confidential data for mobile devices such as mobile phones (eg Blackberrys, iPhones), PDAs, etc.
Until clear standards emerge for the encryption of data on mobile devices, confidential data should not be sent, received or stored on them unless it can be verified that they have been configured in such a way as to make them sufficiently secure.
The use of strong passwords is essential to maintain privacy on such devices, but may not by itself provide the necessary levels of security.
Smartphone and Tablet security advice
Smartphones and tablets may contain a lot of confidential information, possibly including banking details.
Use a PIN to protect your devices from casual unauthorised use. (do this right now)
Treat a smartphone like your wallet or purse.
Treat a tablet like your laptop.
Steps that can be taken to increase the security of your smartphone:
- Use a PIN to protect the phone/tablet from casual unauthorised use. (do this right now)
- Set a timeout to lock the device.
- Consider configuring remote wiping.
- Some manufacturers provide remote wiping as a service. Contact your supplier for details.
- NOTE: Devices which use 'Activesync' (iOS, Windows mobile, some Android) to connect to your University email can be remotly wiped using the appropriate email web interface( at http://www.gla.ac.uk/it/webmail ) under options > mobile
- Be careful which apps you install and the permissions you give them.
- If you configure GPS location services, be aware of what information they share.
- Email security rules apply for smartphones and tablets.
- Keep a copy of your IMEI number (if applicable)in case of loss or theft.
- Backup the information on your devices.
- Ensure secure disposal of your devices at end of life.