What does your smartphone know about you?
More than you realize.
When you think about it, we use our smartphones for a lot of routine activities in our daily lives. We send email, keep up with family and friends, and even shop online. While these activities seem harmless, they can leave behind data footprints that reveal information about us we’d rather keep private. We certainly don’t want others to know about our personal conversations, our family activities, or anything related to our bank accounts and credit cards.
What does your smartphone know about your work?
Using your smartphone to access your ECU work email can expose sensitive university information to others. For example, using your work email to address sensitive personnel issues, confidential business decisions, legal matters, and patient treatments can leave sensitive details on your smartphone.
If your phone is lost or stolen and is not properly secured, the thief may now have unrestricted access to your email and other sensitive work information.
For more information see the ECU Smartphone Security Guidelines.
Keep your smartphone safe and secure
Smartphones are essentially pocket-size computers that are just as vulnerable to viruses and other attacks as your laptop or desktop. So it’s important that you protect your smartphone as you would any other computing device.
It’s important that you do:
- keep your smartphone operating system (OS) and apps updated
- password protect your smartphone
- enable data encryption on your smartphone
- use remote data wipe (removal) features on your smartphone
And that you don’t:
- jailbreak your smartphone
- download apps from unknown sources
- open attachments or click on embedded links
- store sensitive data. For guidance, see Guidelines for Protecting Sensitive Data
And be sure to report lost or stolen smartphones, which have been used to access or store ECU sensitive information to the IT Help Desk at 328-9866.
See the Smartphone FAQ below for additional guidance.
In the coming months, ECU will test a Mobile Device Management (MDM) solution to assist with the management of personal and university-owned mobile devices, such as smartphones and tablets. This solution will enable us to provide a more secure computing environment for the university community.
The MDM solution includes such features as passcode protection, device encryption, remote data wipe and auto-configuration for accessing ECU resources.
Frequently Asked Questions
Why am I being instructed to avoid storing sensitive data on my smartphone? It’s very convenient and helps me be more efficient and effective in my work.
The availability, capability and ease of use of personally-owned smartphones have resulted in an explosion of use in business, education and patient care. The use has quite honestly out-paced the security and compliance framework needed to ensure secure access to and storage of sensitive information. The loss or theft of your smartphone could lead to a data security breach resulting in costly fines and reputational damage for the university.
What should I do if I am accessing or storing sensitive data on my personal smartphone?
Please delete any sensitive data from your smartphone. The university does not have appropriate policies and tools in place to safeguard sensitive data on smart devices. ECU will soon begin pilot-testing a mobile device management tool to assist in providing safeguards for mobile devices. You will see announcements soon on information forums to discuss the features of this tool and plans for the rollout.
I use my smartphone to access ECU email. What can I do to protect my email?
See the Smartphone Best Practice Guide for tips on securing your smartphone. A few simple steps can help protect your ECU email. Password protection, device encryption, deletion of emails from smartphones, enabling remote wipe, installing antivirus, avoiding downloading games and applications from untrusted sources are examples of steps to take.
I don’t know how to implement the steps you suggest. How do I secure my smartphone?
Check with your phone manufacturer for the specific steps to secure your phone. You can also check the manufacturer’s website. Many providers offer free classes on using your smartphone. Check the Smartphone Security Best Practice Guide and Smartphone Encryption Guide for additional resources.
What is “jailbreaking”?
The term, “jailbreaking,” refers to changes made to an iPhone, iPad, or iPod that allows users to install software applications that are not available through the Apple Store. Hence, the device is liberated and free to load whatever apps the user desires.
“Rooting” is a similar activity for Android smartphones that provides users with privileged access to the phone’s internal settings and controls. This allows users to load applications that could not be installed otherwise, because they require root access to function.
There are stability and security concerns with jailbreaking/rooting smartphones; what’s more, jailbreaking/rooting your phone may negatively impact vendor support for your device.