Safeguarding Information on Mobile Devices

One of the most common sources of privacy breaches is the loss or theft of mobile devices containing personal information. If this happens, the first question we ask is whether the device was encrypted. Several privacy commissioners have stated that organizations fail to meet their duties under privacy legislation if they fail to encrypt mobile devices.

For this reason, the Encryption Procedure states that any mobile computing device that is used to store personal information under the custody or control of the university must be encrypted and protected in accordance with standards developed by the Vice-Provost (Information Technology)'s office. This applies regardless of whether the device is owned by the university or the individual.

You can find out more about how to safeguard information on mobile devices at:

Chief Information Security Officer: Mobile Security

September 2015