- Applies to mobile devices connecting to the CCSU Exchange Server using ActiveSync, a mobile data synchronization application built-in to many mobile devices.
- Enforced on mobile devices such as smartphones (iPhones, Android devices) and tablets (iPads, Android devices); it does not apply to laptops.
- Requires the device to have a screen lock passcode or Personal Identification Number (PIN) in order to access apps on the device.
- Allows for the device to be remotely reset to faculty defaults if it is reported lost or stolen.
1. Why is CCSU implementing security on mobile devices?
Mobile device security is designed to protect CCSU-owned data from unauthorized access. Mobile devices have the ability to store Personally Identifiable Information (PII), both yours and that of other faculty, staff, and students. A lost or stolen mobile device puts that PII at risk of being accessed by unauthorized users, opening people up to identity theft and other malicious use of PII. Our implementation of this practice is in support of the State of Connecticut Enterprise Information Systems and Telecommunications Policy. According to the National Cyber Security Alliance's "STOP.THINK.CONNECT." campaign, it is important to secure your device using a passcode in order to protect your information (visit http://www.stopthinkconnect.org/tips-and-advice/safety-for-mobile-devices/ for more information).
2. How does the use of a passcode or PIN protect my device from unauthorized access?
When a passcode or PIN is implemented on a mobile device, it requires entry of that passcode or PIN in order to access apps on the device. By setting a passcode or PIN on your device, you are not only protecting CCSU information from unauthorized access, you are also protecting your own information. Many of us use our mobile devices to access financial information from bank, credit card, mortgage and other applications. Leaving your device wide open without a passcode or PIN will allow anyone to access this information should the device be lost or stolen.
3. What are the passcode/PIN requirements? Can I use a "password", "pattern", or "fingerprint" instead?
The minimum requirement is a simple passcode/PIN that must be at least 4 characters long.
- If your device supports it, you may set a longer passcode/PIN or password.
- On Android devices, you must use a passcode/PIN; you cannot use a "pattern" lock.
- On devices with a fingerprint reader, our understanding is that you must still have the minimally required passcode/PIN and the fingerprint is used as a "shortcut" for entering the passcode/PIN.
4. How do I set a PIN on my mobile device?
The steps to set a PIN vary for each type of mobile device. Here are instructions for some of the most common devices. If your device is not listed, contact your service provide or conduct a web search to locate instructions.
iOS Devices (iPhone/iPad)
- Tap Settings
- Tap Passcode (on some devices, this is found after tapping General)
- Tap Turn Passcode On
- Enter a 4-digit PIN then re-enter the 4-digit PIN to confirm
- Go to apps
- Tap Settings
- Tap Security
- Tap Change Screen Lock
- Go to Settings
- Select Lock & Wallpaper
- Set a password and then confirm.
- If my mobile device is lost or stolen, how do I initiate a remote reset to factory settings?
You may initiate a remote reset using Outlook Web Mail:
- Log in to Outlook Web Mail at https://webmail.ccsu.edu.
- Click on the Option button.
- Click on Mobile Devices.
- Click on the mobile device you wish to reset to factory settings.
- Click on Wipe All Data from Device then click OK to confirm you want to wipe all data from the device.
6. If my device is reset to factory settings, how can I restore my settings, apps, and other information?
We highly recommend that you back up your mobile device regularly. For iOS devices, we recommend that you back up to iTunes or iCloud (see http://support.apple.com/kb/HT1766 ). For Windows Phone devices, see http://www.windowsphone.com/en-us/how-to/wp8/basics/back-up-my-stuff for more information. There are a variety of Android device models on the market, therefore we recommend you check the manual or with your service provider for your particular device for the backup options and settings.
7. If I use the Mail app on my Windows 8 computer/tablet, will all my data get erased if I initiate a remote reset?
No. When a remote reset is initiated on a Windows 8 device, only email, contacts, and calendar stored in the built-in Mail app are deleted. For more information, see: http://windowsitpro.com/windows-8/doing-activesync-remote-wipe-windows-8-or-windows-rt-device.
8. If my mobile device has a PIN, how can I make an emergency call? How can emergency officials access my "ICE (In Case of Emergency)" contact information?
Most devices have an option to make an emergency call on the lock screen, without the need to enter the PIN. In addition, most devices have built-in "personal assistant" functionality, such as Siri on the iOS devices or voice dialer on the Android devices. Emergency officials can use this functionality to access your ICE contact. Some instructions for setting up an ICE contact on your phone can be found here: http://www.wikihow.com/Add-ICE-to-Your-Cell-Phone.
9. Can I still access my CCSU email on my mobile device if I don't want to set a PIN?
If you do not wish to set a PIN on your device, you will not be allowed to connect to your CCSU email using the built-in mail app which uses ActiveSync. You can, however, use the built-in web browser to access Outlook Web Mail at https://webmail.ccsu.edu.
10. If I don't set a PIN on my mobile device, will I still receive emergency notifications from the MIR-3 campus Emergency Notification System (ENS)?
Yes. You should log in to the ENS at //www.ccsu.edu/emergencynotification/ to check your settings. You can opt to receive text alerts and email notifications. If you do not have a PIN set on your mobile device, you may use the built-in web browser on your device to access your CCSU email using Outlook Web Mail at https://webmail.ccsu.edu.