Skip to navigation content (Press Enter).

Smart Device & Tablet Security

Smart devices and tablets are quickly becoming the new standard for accessing information.  As these devices continue to proliferate, it is incumbent upon system administrators to appropriately secure them.  Appropriate system management of user devices assures the confidentiality of data and information by preventing unauthorized access, the integrity of the host configuration, and availability by preventing unnecessary downtime.

Scope

These guidelines apply to any host system managed by any McMaster University.  These are recommendations and guidance for system administrators.

Guidelines for deploying secure smart devices and tablets

Content...

  • Encryption of device contents such as contacts strongly encouraged if available
  • Files containing corporate and/or student information must not be stored on the device
  • Where possible, retention of electronic mail should be limited to 2 weeks on device
  • Passwords used to access McMaster University information systems must not be stored on the device

Perform regular risk assessments...

System Administrators should perform the following risk assessments:

  • Malware scans should be performed weekly

Enable and maintain local technical controls

  • Uninstall software and disable services that are not in use and/or not required
  • Configure the operating system and applications to automatically install security updates and/or patches
  • Install, maintain and use anti-virus and/or anti-malware software

Enable physical controls...

  • Devices must not be left unattended unless properly secured.

Control local access

  • Pin or password protection must be used
  • System should automatically lock if unattended
    • Recommended setting is 10 minutes of inactivity for password protected screen saver to become enabled
  • Disable, rename or delete unnecessary default accounts, including but not limited to operating system accounts, remote access accounts, application management accounts, service accounts

Control remote access...

  • Enable and configure a local system firewall or host based intrusion prevention
  • Connections to management interfaces from outside of the McMaster University network should always be made through the Virtual Private Network (VPN)
    • Disable remote desktop and remote access unless absolutely necessary 
  • Remote access should be granted using the principle of least privilege and authority*
    • System firewall should be enabled and properly configured.

Service Bulletins

Citrix Receiver Client Update

UTS asks Citrix users to upgrade Citrix Receiver Client to the most current version by February 28, 2017. See UTS Citrix website for installation and removal information.


Mosaic Upgraded Interface

Service Desk

Client Self Service:
https://servicedesk.mcmaster.ca
Hours: Monday - Friday
8:30 am - 4:30 pm
Phone: 905-525-9140 x24357 (2HELP)
Email: uts@mcmaster.ca
Location: Main Campus BSB Rm. 245
Service Catalogue:
http://www.mcmaster.ca/uts
-->

Great Idea Site

Great Idea