Phone, Tablet and Mobile Device Use


Requirements and procedures are in support of governing Columbia University IT Policies and CUIMC Information Security Procedures.

Portable devices, including smartphones, tablets, and other mobile peripherals, are increasingly used as an extension of computers. Those that connect to institutional data - including email - typically store information in permanent and cached memory whether they are currently connected to the main source of the data. This combined with size and convenience of portable devices makes it all the more important to ensure that they are properly secured against accidental and intentional security breaches.

Requirements

Following is a summary of the Registration And Protection Of Endpoints Policy, which applies to any mobile device, whether personally or departmentally owned.

General Protection Requirements

Users must ensure the following.

* Smartphones and tablets configured for a CUIMC email account (any address ending in @cumc.columbia.edu) or Ivanti are automatically enforced to use encryption and a passcode with auto-lock. Details are under CUIMC IT Procedures below.

Additional Requirements for Sensitive, Confidential and PHI Data

Additional Guidelines

CUIMC IT Procedures

The following apply to smartphones and tablets using CUIMC IT support and/or connecting to a CUIMC email account (ending in @cumc.columbia.edu).

Compatible Devices

Prior to purchasing a device and contracting with any cellular service provider, you must verify that it is able to meet all security requirements. You must also verify that they have been properly configured and are in use throughout the time you have the device. The vendor must currently support the device's operating system, including the release of regular security patches.

CUIMC Email Enforced Compliance

Configuring a mobile device to connect to a CUIMC email account automatically enforces:

When first configuring CUIMC email you will receive an alert on the device itself prompting you to set up a passcode; at that time data encryption will also be configured.