Skip Navigation
Information Technology
Member, Texas Tech University System The Princeton Review - 373 Best Colleges, 2011 Edition

Sensitive Information and Mobile Devices

If you use your smartphone or tablet to store or process sensitive information such as Social Security numbers, student grade information, or patient health information, follow the directions below to secure your mobile devices.  Even if you are completely certain you don’t work with any sensitive information on your smart phone or tablet, the information below can still help you keep your personal information safe.

  • Steps

    Please expand the section that corresponds to the device(s) you use.  If you would like help implementing any of these items, please call the Technology Support Center at 942-2911.

    • Android Phones

      The instructions in this section are based on a Galaxy S3 running OS version 4.3.  Your device’s location of items and services may vary.

      Anti-malware

      Android Device Manager

      From the Mobile device:

      1. Locate and open the “Google Settings” app on the device
      2. Tap Android Device Manager
      3. Select Allow remote lock and erase
      4. Accept the Android Device Manager device administrator prompt on the device

      From a computer:

      1. Open the Android Device Manager in a browser and Login
      2. Select the device from in the dialog box shown if you have more than one
      3. Click Setup Lock & Erase
      4. Accept the Android Device Manager device administrator prompt on the device

      To find a lost android device login to the Android Device Manager.

      Encryption

      Warning: If your PIN/Password is lost while the device is powered off the device can only be recovered by a factory reset.

      You must enable lock screen before your phone will allow encryption to be turned on.

      Notice: The steps outlines below may change from device to device.  Recovery of a locked device is done through your Google account.

      1. Open the system settings menu. This is often done by pressing the menu button the device from the home screen and selecting settings.
      2. Find and Open the Security menu. On older phones it will be called Location & security
      3. Select Screen Lock. On older devices it will be called Configure lock screen
      4. Select either PIN or Password
      5. Adjustthe idle time before the screen locks
        • Open the system settings menu
        • Tap the Display or Screen option
        • Tap the timeout or sleep option
        • Select the time you are comfortable with


      Once started the encryption process must not be interrupted or data loss will result.

      Notice: The steps outlines below may change from device to device.

      1. Find a time when you will not need your device for an hour or two.
      2. Charge your device and leave it plugged in for the procedure
      3. Open the system settings menu. This is often done by pressing the menu button the device from the home screen and selecting settings.
      4. Find and Open the Security menu. On older phones it will be called Location & security
      5. Tap Encrypt phone/tablet
      6. Make sure the phone is charged, plugged in, and a PIN/Password has been set.
      7. Tap Encrypt phone/tablet. Tap Encrypt phone/tablet on the next warning screen as well
      8. After the process is complete reboot the phone if it did not do so itself. The encryption was successful if you are prompted to enter your PIN/Password on system boot.
    • iPhones and iPads

      Select and implement one from each section.

      Anti-malware

      Location Services and Remote Wipe

      1. Open Find My iPhone
      2. Navigate to Settings > iCloud
      3. Sign in with your Apple ID or create one if prompted
      4. If the Find my option is disabled tap to enable it

      Encryption

      Note: Encryption is enabled on iOS when you require a passcode to access the phone.

      1. Navigate to Settings > Passcode. On older devices use Settings > General
      2. Tap Turn Passcode On
      3. Configure the settings to match your needs
        • Adjust time between screen off and passcode lock
        • Enable/Disable  alpha-numeric password
        • Adjust access level to device while locked
    • Windows

      Anti-malware

      Encryption

      • Submit a request through the Information Technology Support Center to have Winmagic SecureDoc installed on your university owned laptop and desktop.
      • As an alternate or for your personally owned device, download the Windows OS Encryption document.
    • Mac

      Anti-malware

      Encryption

      • Submit a request through the Information Technology Support Center to have encryption set up on your university owned Mac.
      • For your personally owned Mac, Enable Filevault 2

     

  • Frequently Asked Questions

    Why do I need to make security changes to devices I own?

    If you directly process or store any Category I or II information, you need to ensure it is protected.

    What is Category I

    Category I information is information that, if revealed publicly, could cause significant damage to the individual it describes and bring severe repercussions to the university.  The most clear example of this is the Social Security number and its relation to identity theft. 

    What is a personal device?

    Any smart phone, tablet, laptop, desktop, or other computer owned by an individual.

    What is data classification?

    The confidentiality of information based on how much damage could be done if that information were revealed publicly.

    What is sensitive data?

    Any information, if exposed, that could cause damage to the person it describes.  Examples include Social Security numbers, credit card information, and student grades all of which are Category I data.

    What if my work computers and tablets are not compliant?

    Changes are being made to the university’s networks that will prevent any unsecure device from connecting to the network.  We will be rolling those changes out over time and notifying employees of their requirements.

    Why not call Category I information confidential or private?

    The terms confidential and private are interpreted differently by each individual and tend to create confusion as to what term indicates greater sensitivity.

    What is remote data deletion?

    The ability and process allowing a device to have a command sent remotely to it ordering the device to delete information from the device.  Typically, the command must be sent so that it cannot be prevented from executing by the person currently in possession of the device.  This is performed as a result of a loss or theft.

    What is anti-malware?

    Software that prevents hacking programs (malware) from harming your information or covertly taking control of your device thereby exposing sensitive information.

    What is encryption?

    The process of mathematically hiding your information so that it can only be read by using the correct access, usually a user log in or special token.

    A lot of the information I work with is available to the public at large, why should I protect it?

    You should make sure the information is available to our constituents.  Some malware and hacking activity seeks to destroy or erase information.

  • OP 44.00 Changes
    OP 44.00 Changes

    The surge in mobile device use for university work has necessitated changes to the Angelo State University Information Security Policy to better define and delineate mobile device security requirements.  The following are short summaries of the changes to OP 44.00 that reflect these requirements.

     

    • Personal devices must be secured before storing or processing sensitive data.
    • Personal devices include: smart phones, tablets, laptops, desktops.
    • Securing the devices must include: PIN or password to unlock, setup for remote deletion, antimalware software, encryption for sensitive data
    • Individuals are responsible for anything that happens when they store or process sensitive university data

    If you have any questions about these policy changes, please contact the Information Security Office at 942-2333 or security@angelo.edu

 

Security News

  • Mobile Device Safety at Angelo State University

    Laptops, smartphones, tablets and other mobile devices are now a regular part of our daily lives. We use them to access our social media, our personal and work email, and even to access our work files from home.

Other security concerns you should know

Make sure you watch out for scam e-mails, and avoid illegal sharing of protected intellectual property.

More information

OP 44.00

Mobile Device Security

Mobile Services

ASU Information Security

Storing Protected Information

Outside Links

Privacy Act - Social Security Numbers

HIPAA - Health Information

FERPA - Student Information

PCI - Credit Card Information