1 Purpose
This policy governs the security of mobile devices used to access Tulane University email resources for administrators, faculty and staff. Tulane University requires all users to use a password to access University email. Currently there are mobile phones and tablets systems that store user passwords internally. However, these devices themselves often are not locked or otherwise secured. This configuration circumvents the University authentication requirement by automatically accessing email with saved credentials on unlocked mobile devices.
2 Policy
Tulane University requires all users to use a password to access University email. Mobile devices used to access Tulane University email will be automatically configured to:
- Utilize 4-digit or longer PIN to lock devices.
- Erase and reset the device in the case of 10 sequential login failures.
3 Responsibilities
This policy is enforced at the email server level by the Information Security and Policy Office.
4 Audits
Mobile devices configured to use Tulane email are subject to spot audits.
5 Definitions
- Mobile Device: For the purposes of this policy a mobile device is a phone, smartphone, or tablet with a cellular-capable connection.