Apple and Windows Device Security Recommendations: Difference between revisions

No edit summary
Line 20: Line 20:


=Best Practices=
=Best Practices=
===Syncing your iOS device===
===Backing up your iOS device===
It is a good idea to sync your iOS device to a laptop or desktop. Both iOS device and laptop/desktop can be supplied by Riverdale.
It is a good idea to back up, or sync, your iOS device to a [https://support.apple.com/en-us/HT211229 Macintosh] or [https://support.apple.com/en-us/HT212156 Windows] laptop or desktop computer or to [https://support.apple.com/en-us/HT211228 iCloud]. Both the iOS device and laptop or desktop can be supplied and/or managed by Riverdale.


To retain the integrity of your iOS applications, settings and personal data, it is essential to frequently backup, or sync, the device to your computer. Sync must either be done over the USB cable, or through Wi-Fi  syncing to a single computer. Within iTunes, you should choose to '''encrypt''' the backup file for your device as an additional security precaution. You will find the checkbox for this option on the Summary page for the device when it is connected. If you do not encrypt the iTunes backup, all saved passwords for email and other accounts cannot be restored.
To retain the integrity of your iOS applications, settings and personal data, it is essential to frequently backup, or sync, the device to your computer. Sync must either be done over the USB cable, or through Wi-Fi  syncing to a single computer. You should choose to '''encrypt''' the backup file for your device as an additional security precaution. You will find the checkbox for this option on the Summary page for the device when it is connected. If you do not encrypt the iTunes backup, all saved passwords for email and other accounts cannot be restored.


===Loss and Theft protection===
===Loss and Theft protection===
Line 31: Line 31:


===Passcode Security===
===Passcode Security===
The single-user design of iPads and iPhones enables the retention of passwords for Riverdale Google accounts, as well as any other connections such as WebDAV and Citrix. Many mobile applications retain downloaded confidential data in readable format. Because of the mobile nature of these devices, the opportunity for theft or loss is greatly increased. As a result, deliberate or accidental access to confidential information, as well as outright malicious intent towards the safety of your data can occur. It behooves any mobile RCS user to protect access to important School services by using a more secure passcode.  
The single-user design of iPads and iPhones enables the retention of passwords for Riverdale Google accounts, as well as any other logins to personal email, banking and ecommerce sites. Many mobile applications retain downloaded confidential data in readable format. Because of the mobile nature of these devices, the opportunity for theft or loss is greatly increased. As a result, deliberate or accidental access to confidential information, as well as outright malicious intent towards the safety of your data can occur. It behooves any mobile RCS user to protect access to important School services by using a more secure passcode.  


====Setting the Passcode====
====Setting the Passcode====
Line 43: Line 43:
*Set '''Simple Passcode''' to OFF
*Set '''Simple Passcode''' to OFF
**This setting will then ask for you to enter a more complex password which can contain upper & lower case letters, numbers, and punctuation marks. At the very least, create a passcode which follows the [http://knowledge.riverdale.edu/index.php?title=Change_My_Passwords#Password_Requirements requirements for your Riverdale Domain password.]
**This setting will then ask for you to enter a more complex password which can contain upper & lower case letters, numbers, and punctuation marks. At the very least, create a passcode which follows the [http://knowledge.riverdale.edu/index.php?title=Change_My_Passwords#Password_Requirements requirements for your Riverdale Domain password.]
***Using your Riverdale Domain password is '''not recommended''' for this passcode. See this page on [http://secure.wikimedia.org/wikipedia/en/wiki/Shoulder_surfing_%28computer_security%29 Shoulder Surfing] for more information on this recommendation.
***Using your Riverdale Domain password is '''''not recommended''''' for this passcode. See this page on [http://secure.wikimedia.org/wikipedia/en/wiki/Shoulder_surfing_%28computer_security%29 Shoulder Surfing] for more information on this recommendation.
*Optionally, select the '''Erase Data''' setting to erase all data on the iOS device after 10 failed passcode attempts. If you use this setting, make sure to sync your iOS device with iTunes on a regular basis. After the '''Erase Data''' mechanism is invoked, the iOS device will be wiped clean and you will need to restore the settings & applications through iTunes.
*Optionally, select the '''Erase Data''' setting to erase all data on the iOS device after 10 failed passcode attempts. If you use this setting, make sure to backup and sync your iOS device on a regular basis. After the '''Erase Data''' mechanism is invoked, the iOS device will be wiped clean and you will need to restore the settings & applications from your laptop/desktop or through iCloud.


===Resetting & Erasing a macOS laptop or iOS device for return===
===Resetting & Erasing a macOS laptop or iOS device for return===
Line 50: Line 50:
When you return a Riverdale-provided Mac Laptop or iPad/iPhone to the Technology Department, you must make sure that you follow the steps below to disable '''Find My iPad (iPhone)''' (see above) and to delete (iPad) or logout from (laptop) your iCloud account. You '''must''' reset your iPad to factory settings before you return it. If you have forgotten the passcode for your iPad and cannot reset it yourself, '''and''' [http://www.apple.com/icloud/find-my-iphone.html Find My Device] is still enabled, please inform the Technology Department.  On a returned laptop, it is suggested that you remove any personal documents in your user account. Laptops will be wiped clean (digitally and physically) for you by the Tech department and we won't login to inspect any files or data.
When you return a Riverdale-provided Mac Laptop or iPad/iPhone to the Technology Department, you must make sure that you follow the steps below to disable '''Find My iPad (iPhone)''' (see above) and to delete (iPad) or logout from (laptop) your iCloud account. You '''must''' reset your iPad to factory settings before you return it. If you have forgotten the passcode for your iPad and cannot reset it yourself, '''and''' [http://www.apple.com/icloud/find-my-iphone.html Find My Device] is still enabled, please inform the Technology Department.  On a returned laptop, it is suggested that you remove any personal documents in your user account. Laptops will be wiped clean (digitally and physically) for you by the Tech department and we won't login to inspect any files or data.


====Supervised iPad Procedures====
====User-managed or RCS Supervised iPad Return Procedures====
If you are returning an iPad which is managed by RCS, or you have a self-managed iPad, follow these instructions.


If you have an iPad which has been preconfigured with apps and settings, it is most likely supervised and needs to be returned to iPad specialists at the River and HIll campuses for de-supervision.
#'''Disable Touch ID/Face ID & Passcode''' - Go to Settings > Touch ID/Face ID & Passcode. Disable all the Touch ID/Face ID options and select the '''Turn Passcode Off''' option.
 
====iPad Procedures====
If you are returning an iPad which you have self-managed, follow these instructions.
 
#'''Disable Touch ID or Face ID & Passcode''' - Go to Settings > Touch ID / Face ID & Passcode. Disable all the Touch ID / Face ID options and select the '''Turn Passcode Off''' option.
#'''Find My iPad''' - Go to Settings > iCloud > Find My iPad and switch it off. Your AppleID and password is required.
#'''Find My iPad''' - Go to Settings > iCloud > Find My iPad and switch it off. Your AppleID and password is required.
#'''Sign out of iCloud''' - In the same iCloud settings pane at the bottom, tap the '''Sign Out''' button. Your AppleID and password, as well as the device passcode, may be necessary.
#'''Sign out of iCloud''' - In the same iCloud settings pane at the bottom, tap the '''Sign Out''' button. Your AppleID and password, as well as the device passcode, may be necessary.
#'''Erase all Content and Settings''' - reset the iPad to factory settings by going to Settings > General > Reset > Erase  All Content and Settings. You will need to type the device passcode.
#'''Erase all Content and Settings''' - reset the iPad to factory settings by going to Settings > General > Reset > Erase  All Content and Settings. You will need to type the device passcode.


Once the iPad has been wiped clean, it offers the setup Hello! screen. Power down by holding down the power button on the iPad, and swipe the "slide to power off" button.
Once the iPad has been wiped clean, it offers the setup Hello! screen. Power down by holding down the power button on the iPad, and swipe the "slide to power off" button. Return the device to a member of the Tech Department and indicate you have followed these instructions.


====Laptop Procedures====
====Laptop Procedures====
309

edits