Mobile Device Security Guideline

Applicability

This guideline applies to all users accessing systems and resources at Boise State University.

Guideline

Employees using Mobile devices, software, and/or related components to access University data MUST:

• Keep these devices and related software protected, updated and patched.
• Ensure such devices employ device access protection such as pass-codes, complex passwords, pattern swipe, facial recognition, card swipe, fingerprint reader, etc…
• Ensure the device activates access protection when powered up, awakened from sleep mode, or after 2 (two) minutes of device inactivity.
• Ensure such devices employ remote wipe functionality at all times in case the device is lost or stolen.
• Ensure that the sensitive data is protected using data encryption as outlined in the System Security Encryption Guideline.
• Acknowledge and confirm that all University-sensitive data has been permanently erased from their mobile devices once their need for access is no longer required.
• Agree to and accept that their mobile device access to Boise State managed networks may be monitored in order to identify unusual usage patterns and/or suspicious or malicious activity.
• Immediately report to the Help Desk any incident or suspected incidents of unauthorized data access, data or device loss, and/or disclosure of system resources as it relates to their mobile devices.

Employees using mobile devices, software, and/or related components to access University data MUST NOT:

• Store mobile passwords and/or other confidential or sensitive data on an unencrypted mobile device. See Data Classification Standard.

Enforcement

Failure to comply with the Boise State Mobile Device Security guideline may, at the full discretion of the University, result in the suspension of any or all technology use and connectivity privileges, disciplinary action, and/or possible termination of employment.

Information Disclaimer

Individuals using computer systems owned by Boise State University do so subject to applicable State and Federal laws and University policies. Boise State University disclaims any responsibility and/or warranties for information and materials residing on non-university systems or available over publicly accessible networks. Such materials do not necessarily reflect the attitudes, opinions, or values of the State of Idaho, Boise State University, its faculty, staff, or students.

Updates

Created: January 2016

Last Update: August 2022

Next Review: February 2025