Securing Portable and Mobile Devices

Securing our (and your) data: portable devices

No longer is our data kept on college computing systems in secured rooms, or on desktop computers that didn’t follow us around the campus. on leave, on college business-related travel, or home.  Today, our data follows us thanks to very portable devices and our ability to access it through WiFi networks nearly anywhere, anytime.

We love the convenience.  We can work anywhere.  We can work anytime.

But what happens if you have important, confidential, proprietary information on your portable device and your device is stolen, or lost, or you leave it behind on the plane?  We all work with confidential and personal information – about our prospective students, our students, our alumni, our employees, our vendors.   Many of us work with proprietary information and intellectual property (some of our research). 

Three very important things to remember:

  • If a portable/mobile device that you use for College work is lost, stolen, or missing, report it immediately to IT and Campus Safety, even if it is not owned by the College
  • Use Wooster’s “cloud” (OneDrive) and network storage for work-related files and data; keep as little as possible on your device
  • Secure the data on your device (password protect your device, encrypt files)

The College requires that College information and data stored on portable devices, regardless of whether the College owns the device, be encrypted.  This applies to all faculty, staff, trustees, volunteers, and contractors who use confidential, proprietary, personnel, donor, alumni, prospective student, enrolled student, and former student information.

Notebook computers must employ folder-level encryption with an approved software encryption package. Information Technology can assist in setting up encrypted folders, or you may do it yourself (instructions for Mac and Windows are provided in IT’s documentation website).    

Data stored on a smart phone or tablet must be saved to an encrypted file system using an approved application.  For devices that are lost, stolen, or missing IT will “wipe” stored data from them if the device has signed on to Office 365.  If you have not used your device to sign on to Office 365, you will be required to have your data plan provider “wipe” the device.   

Failure to follow these guidelines may result in disciplinary action, up to and including termination of employment or termination of services contract.

If you have questions about securing your data and devices, please contact Information Technology. 

ed: 08-01-15