Standard: Mobile Device Security

Tags SCRM

Scope

Rationale

  • Mobile devices are easily lost and stolen, so security standards are required to decrease the likelihood of a security incident as a result of a mobile device being lost or stolen

Standard

  • Passwords: All covered mobile devices are required to have a password that is at least four characters long; there are no complexity requirements
  • Automatic Locking: All covered mobile devices are required to lock their screens after 15 minutes of inactivity. Once locked, the mobile device must require its password to be entered before using the device to access any Miami resources
  • Erase After Failed Logins: All covered mobile devices are required to automatically erase themselves if ten incorrect passwords are entered on a locked device

Exceptions

  • Any exceptions to this standard require approval from the Information Security Officer before they are implemented

Standard Administration

Next Review Date

  • 07/01/2020

Responsible Officer

  • Vice President for Information Technology & Chief Information Officer

Contact

  • Assistant VP for IT Services Security, Compliance, and Risk Management

Approval(s) and Date(s)

  • Final reviewed by: Assistant VP for IT Services Security, Compliance, and Risk Management on June 5, 2012
  • Version 1.0 approved by: Assistant VP for IT Services Security, Compliance, and Risk Management on June 5, 2012
  • Version 2.0 approved by: Assistant VP for IT Services Security, Compliance, and Risk Management on August 4, 2017
  • Version 2.0 approved by: Assistant VP for IT Services Security, Compliance, and Risk Management on July 1, 2018

Revision History

  • 04 August 2017: automatic locking text expanded from email to any Miami resources

Related Document

 

Was this helpful?
0 reviews

Details

Article ID: 7365
Created
Thu 7/2/15 12:32 PM
Modified
Tue 6/11/19 12:55 PM