Internal, open access

Mobile device security

Using a mobile device to access university data provides a great number of benefits when accessing data away from your desk, providing access in meetings or away from the office. It also brings a number of risks to that data, especially if the device is lost or stolen. Following a few key pieces of advice can help to reduce the risk and possible data loss. If you access university systems or data with your device you should follow the following 'Dos and Don'ts' advice.


  • Ensure that the device has a pin or passcode to protect it:

Using a pin or passcode makes it harder to compromise a device as the code is needed to access it. Also set the screen to automatically time out and lock after a short period of time, such as a minute or two.

  • Where possible encrypt the device and storage media:

Encrypting the data makes it much harder to access if the device is compromised.

  • Encrypt data:

If you must keep sensitive data on the device then make sure it is properly encrypted.

  • Use recommended devices/operating systems:

Using a recommended and supported device means that you will receive more help and advice from IT Services. These include later Microsoft Windows mobile devices, iOS (Apple) and Android.

  • Use a supported ActiveSync client to access the staff email service:

A supported client will mean you get more help and assistance and will reduce problems. It will also require you to use an encrypted connection to the staff email service, protecting your password and data in transit.

  • Wipe your device if it is lost:

You can remotely wipe your device using Staff email. If the device is lost this is a way of ensuring that the data is not lost.

  • Keep your device up to date:

Keep your device patched and up to date. This will help keep you protected from compromise.

  • Backup your device:

Backup your device or don't store information on it. If you are worried about calendar and contacts then store them on the university systems so that they are not lost even if you lose the device.


  • Store data on your device:

If the data is not stored on the device then it cannot be accessed in the event of compromise.

  • Install untrusted apps:

Untrusted apps could compromise your device.

  • "Jailbreak" or "root" your device:

Devices are more secure in their unbroken state. You may be able to do less with them but so can other people.

  • Leave Bluetooth (or Near Field Communication, NFC) running if it is not needed:

Bluetooth (or NFC) provides a possible weak point to your device. It also drains the battery more than if it is not running.

Things to do now


Contact IMPS

Report an

Find out if you need to do a DPIA here:

Page navigation


Search Form

A-Z lists