Secure my mobile devices
There isn't much you can't do on the go using a laptop, smartphone, tablet or some new mobile gizmo or other. We're all busy using these portable mini-computers to shop, bank, work, get directions, read reviews, take pictures, make videos and connect with family and friends. With so much that is important and useful to you in the palm of your hand, security is paramount.
Find out about the main risks to your device and how to protect your data.
At a glance
Use a good password or PIN and make sure your device locks automatically when not in use
Only install apps from locations you trust and apply security updates
Set up a ‘remote wipe’ feature if available, in case your device gets lost or stolen
Securing your device
The most common modern mobile devices are built pretty securely – you just need to follow some simple steps to vastly reduce the risk of malware or data loss. However, some University data may not be appropriate for use on mobile devices – particularly personal phones and tablets. Ultimately, your head of department is likely to be accountable for ensuring the safe use of mobile devices and for making sure you know what data you are, and are not, allowed to use. To comply with the University’s policies on managing mobile devices you must follow the rules below.
- Make sure your personal device is secured by following the simple steps below
- Use a University-issued device
- Use a longer PIN or passphrase and/or biometric (e.g. fingerprint scanner) if available
- Use a University-issued device that is maintained by your IT team’s mobile device management tool
Here are some tips on how to meet the University's security requirements on some common devices.
Set a PIN of at least 4 digits
Settings > Passcode is set
Settings > Security > Screen Lock is set to “PIN” or “Password”
Settings > Security > “Automatically Lock” is set to “5 minutes” or less
Set up remote wipe
Phone is signed into Google account and location services are turned on
Automatic by default
Use safe apps
Only install apps from the Apple App Store, Google Play store, your handset’s vendor or your mobile network provider
Implement security updates
Respond to prompts to apply updates within a week and regularly apply updates to all apps
Monitor whether your vendor has ended support for your device and keep an eye on the list of approved devices
Problems with portability
Portability has its own particular security implications for your device and data.
- The smaller and more portable your device, the more easily it can get lost, damaged or stolen
- Your data can be intercepted if you connect to insecure or rogue wifi networks
- Portable devices can get hacked and pick up viruses and other malware just like any other computer
- You are more exposed to ‘shoulder surfing’ – always check no one's looking over your shoulder or earwigging any confidential conversations
Simply keeping your wits about you will go a long way to protecting your devices as you move around. For the rest, check out the advice below.
Securing your smartphone or tablet
Phones get dropped. Pockets get picked. Tablets get left on bus seats. Accidents and mishaps happen. But there are things you can do to protect your data even if your device gets broken, lost or stolen.
Always set a password/PIN-protected lock-screen to come on automatically when you are not using your device. Ideally, change the default settings so you can use a longer PIN or passphrase. And if your device has fingerprint ID or other advanced security, use that. On smartphones, encryption is often also enabled automatically when you set up a password/PIN (though do check the user guide for your model).
Set your device to ‘erase data’ and/or lock if the wrong password is entered too many times.
Set up a ‘remote wipe’ feature if one is available for your device. If your device is lost or stolen, this will enable you to erase your personal data remotely.
Make sure you have a master copy saved somewhere else of any documents you carry or edit on your mobile device.
Install security updates to your device and the apps you have on it. This helps protect the operating system from the latest malware.
Don't be tempted to ‘jailbreak’ your device. What your mobile device can access and download is deliberately limited to reduce your exposure to malware, so overriding these restrictions is not recommended.
Only install apps from trusted locations. In practice, this means only using the app store which came with your device - this will be Apple Store, Google Play or Microsoft Store. There may be other stores available for your device, especially in your home country if you don't live in the UK or US. If these are large and reputable they are probably safe to use, but you should still be careful when it comes to any app which asks for sensitive data, such as passwords or credit card details. It goes without saying that you should never use any app store which offers free (pirated) copies of popular apps - they're frequently loaded with malware.