Carnegie Mellon University

Physical Device Security

Sometimes, our information doesn’t get stolen by cyber criminals but rather by common thieves as we go about our day. Other times, we may accidentally lose a device. We store nearly everything on our phones, tablets, laptops, and desktops. Whatever the reason, we need to ensure that our devices and the information on them are protected if we should lose access to them.

Below are a few ways you can ensure your devices remain secure:

TRACK AND PROTECT YOUR DEVICE

Each of your devices should have a strong, unique password or a unique PIN with at least 6 digits. You can configure your mobile devices to erase data on the device automatically after multiple failed login attempts. If your device has a biometric authentication factor, be sure to turn it on.

If you have an iPhone (or most other Apple devices), you can track it through its GPS location using Apple's Find My iPhone. If you are on an Android device and you've added a Google Account to the device, you can track your phone through the Android Device Manager. These services will allow you to get an exact location, lock your device, and even wipe your device clean.

If you have your computer with you in the car and need to leave the vehicle for any reason, the computer should be placed in a locked trunk. 

KNOW YOUR DEVICE

To help authorities locate your device if you lose it, you can complete an Electronic Device Registration with the University Police. Be prepared to provide your device type, brand, model, serial number, and color.

USE A LOCKOUT MECHANISM

Whenever you are not actively using your device, it should be locked. This means locking your computer screen when you step away from your workstation. Additionally, configure a timer to automatically lock your device when not in use.

ENCRYPT

Encryption is a way of transforming your data into an unreadable format that should only be decipherable with your password or passphrase. If your device gets stolen, thieves can't simply view your files. If using full disk encryption, it is IMPORTANT to remember your password key. If you do not have the password key, you will not be able to get into an encrypted device.

BE AWARE OF YOUR SURROUNDINGS

TAILGATING
Tailgating, also referred to as piggy-backing, is when an unauthorized person follows an authorized person into a restricted building or area. Once inside of a restricted area, a tailgater could physically destroy computing equipment, steal valuable property, or access sensitive data. 

DUMPSTER DIVING
Criminals will often search through trash receptacles for items of value such as personal information or old tax documents. If you have physical documentation that contains sensitive information, it should be cross-shredded or placed in a blue or gray locked receptacle located around campus to be incinerated.

SHOULDER SURFING
Shoulder surfing refers to spying on other users of a device in order to obtain personal access information. Shoulder surfing involves looking over a person's shoulder to gather pertinent information while the victim is oblivious. This is especially effective in crowded places where a person uses a computer, smartphone or ATM. The data most commonly stolen through shoulder surfing includes passwords, credit card numbers, and personal identification numbers (PINs).