Securing your computer, smartphone and tablet
Securing your computer
You are responsible for properly securing and managing your computer.
If you use a university-managed computer, your security settings will likely be managed for you. If you self-manage your university-owned computer, you are responsible for properly securing it.
If you access or maintain sensitive institutional data using your personally owned computer or self-managed university-owned computer, the following guidelines provide the minimum standard:
- Require a password for access to your computer.
- Always logout or lock your computer when leaving it unattended.
- Set your screensaver to activate after 15 or fewer minutes of inactivity, and require your password to unlock it.
- Install and maintain anti-virus software. ESET Endpoint Antivirus is available to University of Auckland staff for installation on their personal computers. For more information refer to the staff intranet site: NOD32 antivirus for Windows and Macintosh.
- Turn on automatic updates to keep your Operating System and applications up to date.
- Patch any applications that do not automatically update.
- Be alert for phishing attacks.
- When disposing of or repurposing your computer or media refer to the: Computer equipment transfer and disposal guidelines.
- Only install trusted applications from reputable software providers.
- Before downloading and installing any application from the internet, analyse it first with VirusTotal. VirusTotal is a free service run by Google that analyses suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware. Visit VirusTotal.
Securing your smartphone and tablet
Mobile computing devices such as smartphones and tablets provide convenient, portable, connected access from virtually anywhere. They are a rich source of locally stored and online information including email, photos, documents, location and contact information. In some cases, the data being stored on mobile devices may include University data.
The abundance, portability and value of mobile devices make them attractive items. They are easily lost or stolen. With such a rich source of data, it is important that precautions are taken to minimise the impact of any loss.
- Enable the screen lock. This might be a PIN, password, pattern or fingerprint etc.
- Put a PIN on your SIM card to stop thieves using the SIM in another phone.
- Set your device to automatically lock after a period of inactivity.
- Encrypt your device.
- Check for updates to your phone's operating system regularly.
- Backup your data regularly.
- When using cloud-backup services, or storing any data in the cloud, use two-factor authentication, or two-step verification if it is available.
- Only download apps from reputable stores such as the Apple App Store, Google Play and Microsoft Store.
- Enable remote locate and wipe services such as Apple's Find-my-iPhone.
- To assist you in case of your mobile theft or loss, ask your provider or manufacturer whether it has services such as mobile tracking and the ability to remotely wipe your information stored on the phone.
- When you first get your phone, take the time to record its 15 digit IMEI number. The IMEI number identifies your phone and can be used to blacklist your phone in the event that it is lost or stolen. The IMEI number should be on a white label or sticker found underneath the battery, or directly on the device. If you don't know your IMEI number you can obtain it by pressing *#06# on your mobile phone. Once blacklisted the IMEI will be blocked on all mobile carriers in NZ.
- Report lost or stolen phones immediately to your service provider and ask for the IMEI of the handset to be blacklisted.