Go Directly to Page Content
Go Directly to Site Search
Go Directly to Site Navigation
ITS Safe Computing

Secure and Manage Your iPhone/iPad

If you are permitted to access or maintain sensitive institutional data using your mobile device, please meet the minimum expectations below.

See Your Responsibilities for Protecting University Data When Using Your Own Devices for a complete list of your responsibilities when using your own devices to work with sensitive U-M data.

By meeting the minimum expectations below, you also protect your personal data.

Minimum Expectations for a Secure Device

Settings

What to Do How Why
Require a passcode for access Set up a Passcode:
  • Set passcode lock to activate after 15 or fewer minutes of inactivity
  • Set to erase data after 10 failed passcode attempts
  • Prevents others from using your device
  • Enhances iPhone's built-in encryption
More info: iOS: Understanding data protection.
Install U-M VPN (Virtual Private Network) software if you expect to use untrusted networks (such as guest wireless in a hotel or coffee shop) Members of the U-M community can download and install the U-M VPN. UMHS faculty and staff should download and install the UMHS VPN.* The U-M and UMHS VPNs—Virtual Private Networks— provide a secure computing experience when accessing a U-M network from a remote location or when using a wireless connection.
Turn on Find My iPhone Set up Find My iPhone. If your device is lost, you can track it or erase the data on it remotely.

*U-M Health System (UMHS) faculty and staff should use the Cisco AnyConnect VPN client provided by Medical Center Information Technology (MCIT) to access Protected Health Information (PHI), Clinical Network and Applications, Schedulon, and Printing, as well as to access file servers and internal UMHS web content. For more information, installers, and instructions, see VPN - Cisco AnyConnect SSL Client in the UMHS KnowledgeBase.

Connections

What to Do How Why
Use a secure network connection. Your cellular carrier network is the best choice. Use your cellular carrier network and turn off wireless when you are not using it. If you use a wireless connection, make sure it is a secure wireless network, such as MWireless. To prevent unauthorized access to the information you send and receive across networks.
Turn on the U-M VPN if using untrusted wireless networks (such as guest wireless in a hotel or coffee shop). (UMHS users should use the UMHS VPN. See footnote above.)
  1. Be sure you've installed the VPN.
  2. Go to Settings and turn on VPN.
The U-M and UMHS VPNs—Virtual Private Networks— provide a secure computing experience when accessing a U-M network from a remote location or when using a wireless connection.
When not using WiFi and Bluetooth, turn them off Go to Settings and turn off Bluetooth and WiFi. This prevents unauthorized access to your device through those connections.

Management

What to Do How Why
Keep your iOS software updated Update your iOS software. Get the latest security updates and improvements.
Keep your apps updated Update apps. Get the latest security updates and improvements.
Only install apps from the App Store   These apps have been tested for security issues.
Do not jailbreak your device   Jailbreaking bypasses security features. See Apple's warning about unauthorized modification of iOS.
If you travel outside of the U.S., be aware certain types of sensitive data cannot be accessed or maintained outside the country. See the Sensitive Data Guide for details. There are legal restrictions on certain sensitive data types (such as Export Control, HIPAA, and FISMA).
Before you sell or give away your device, back it up then erase all content and settings Back up and erase all content and settings.
  • Keep your content and settings for your next device.
  • Prevent unwanted access from your old device.
Report security incidents If your iPhone is lost or stolen and you've used it to store or access sensitive data, notify the ITS Service Center. It is your responsibility.
Back To Top

Additional Best Practices

Consider these additional options for enhanced security for your device and the data maintained on or accessed from it.

  • Turn off "Ask To Join Networks" (under Wi-Fi settings).
  • Turn off GPS/Location Services for apps where you do not need it (under Privacy settings).
  • Set your web browser for private browsing. See iOS: Safari web settings for details about Safari security settings. In Chrome, open the Chrome menu and look for the advanced privacy settings.
  • Turn on airplane mode when you do not need to use your phone, GPS, radio, WiFi, or Bluetooth. See iOS: Understanding airplane mode.
  • Avoid using public Wi-Fi hotspots.
  • Protect yourself online. Use strong passwords, protect your identity, avoid and report phishing, and maintain secure web browser settings.
  • Put a sticker on your phone with your name and email address. This low-tech, practical step enables somebody to contact you if they find your lost phone, even if the battery is dead.
Back To Top
Back To Top