Mobile Device Access to Campus Network Services
Purpose
University employees may wish to access campus network services such as e-mail using their mobile device. The University has a regulatory and business requirement to maintain the security and confidentiality of University information. University employees who connect their personal or University-issued mobile device to the campus network agree to allow the University to manage the security of their mobile device, including wiping all data from the device in the event the device is lost or stolen or the employee separates from the University.
Scope
University Policy
Definitions
All University employees, including faculty, who use a personal or University-issued mobile device to access University network services.
Policy
Many University services are available for employees to access using their mobile devices. Such services include (but are not limited to) University email, Canvas Learn, Cognos reports and the campus directory. Users who possess a mobile device, such as a cell phone or iPad, that is connected to University network services may be able to access University confidential information and/or personal information about the owner of the device.
By accessing these University mobile services the employee agrees to abide by all University policies governing his or her access to information systems, including (but not limited to) the University’s Appropriate Use Policy and the University’s Confidentiality Policy.
In particular, the employee agrees to secure any University confidential information on his or her mobile device. The employee should set a secure password on the device’s lock screen (see the University’s Password Policy to see what makes a password secure). The employee should, if possible, set the device to wipe all data from the device after fifteen invalid attempts to unlock the device. This ensures that University confidential information remains secure in the event the device is lost or stolen.
In addition, by accessing certain mobile services, such as campus email, the employee agrees to allow University IT Services to manage certain security settings on the device. Employees explicitly acknowledge this when they connect their device to a campus mobile server by clicking the “I Accept” option displayed on their first login attempt. This enables University IT Services to delete all data from the employee’s device in the event the device is lost or stolen, or in the event the employee separates from the University.
Please note that this applies whether the device is University-issued or personally owned; connecting the device to certain of the University’s mobile services requires, as part of the setup process, acknowledging that certain security settings on the device are managed by IT Services.
Employees who have University confidential information on their mobile device should contact IT Services as soon as possible if the device is lost or stolen so that IT Services can wipe all user data from the device.
In the event of a separation from the University, IT Services will attempt to work with the employee to enable them to retain any personal data on the device, such as their personal pictures, videos, phone and other items, but depending on the device and other circumstances, this may not be possible. By connecting his or her device to campus mobile services the employee assumes the risk that their personal data may be irretrievably lost from the device in the event that the device is missing or the employee separates from the University. IT Services recommends that employees who connect their mobile devices to campus network services regularly back up their personal data (pictures, videos, apps, directories, and the like) to their personal computer, external drive, or online service.
Responsible Offices
- Department of Information Technology
Approval
Approved
Effective Date
August 15th, 2013