To help counter the serious and increasing threats to mobile devices such as smartphones and tablets, Information Technology and Services (ITS), in collaboration with ICT and other IT groups across campus, developed and recently began implementing a new Mobile Device Security Standard.
ICT will be following the campus-wide implementation date of January 7, 2013.
The Mobile Device Security Standard will improve security of data that resides on your mobile device by helping prevent loss or compromise of that data, whether it’s your personal data or Syracuse University’s data. This standard will not only help protect you from identity and data theft, it will help protect Syracuse University from adverse consequences and costly breach notification requirements in the event your device is lost or stolen.
Any mobile device you use to access SU’s Exchange email system through any protocol other than Outlook Web Access (OWA; exchange.syr.edu) on a browser is subject to the standard. The reason for this is that whenever your mobile device connects to Exchange it can receive and store confidential data, without your immediate knowledge.
Upon implementation, your mobile device will be configured with these security settings:
- A numeric passcode with a minimum of 4 characters
- The device will automatically lock after 15 minutes of inactivity
- Device encryption will be enabled, if supported (iOS devices do this automatically when the passcode lock is set)
- The device will be automatically wiped after 10 failed passcode entry attempts
- You will be prohibited from disabling security settings
- IMAP access to your Exchange mailbox will be disabled
The security standard will also standardize the existing ability for you or authorized IT personnel to remotely wipe your device if it is discovered to be missing.
After this policy is deployed on January 7th, the first time you use your device to connect to Exchange you will be prompted to create your passcode if you have not previously done so. You will use this passcode to unlock your device from that point on.
See the recent Mobile Device Security article on the ITS web site to find out more and to see how the standard will affect you and your device(s).