Jump to content

Apple and Windows Device Security Recommendations: Difference between revisions

no edit summary
No edit summary
No edit summary
Line 11: Line 11:
}}
}}


= Apple Help and Documentation=
=Apple Help and Documentation=
Apple provides a wealth of support documentation and online manuals for iOS devices on their website.  
Apple provides a wealth of support documentation and online manuals for devices on their website.  
* [http://www.apple.com/support/ipad/ iPad]
 
* [http://www.apple.com/support/iphone/ iPhone]
*[http://www.apple.com/support/ipad/ iPad]
* [http://www.apple.com/support/ipodtouch/ iPod Touch]
*[http://www.apple.com/support/iphone/ iPhone]
* [https://www.apple.com/watch/ Watch]
*[http://www.apple.com/support/ipodtouch/ iPod Touch]
= Best Practices =
*[https://www.apple.com/watch/ Watch]
=== Setting Up and Syncing your iOS device ===
 
=Best Practices=
===Setting Up and Syncing your iOS device===
It is never a good idea to setup and sync your iOS device to a Riverdale-managed campus Mac or PC desktop or carted laptop. If you have a personal iOS device, or have been given one from Riverdale, please [http://www.apple.com/itunes/download/ install the latest version of iTunes] on your ''personal'' desktop or laptop computer and set up and sync on this machine only. Although syncing with a Riverdale-managed device may ''appear'' to work, you may experience data loss. Just don't do it.
It is never a good idea to setup and sync your iOS device to a Riverdale-managed campus Mac or PC desktop or carted laptop. If you have a personal iOS device, or have been given one from Riverdale, please [http://www.apple.com/itunes/download/ install the latest version of iTunes] on your ''personal'' desktop or laptop computer and set up and sync on this machine only. Although syncing with a Riverdale-managed device may ''appear'' to work, you may experience data loss. Just don't do it.


=== Frequent Backup and Sync with iTunes ===
===Frequent Backup and Sync with iTunes===
To retain the integrity of your iOS applications, settings and personal data, it is essential to frequently backup, or sync, the device to your iTunes Library. Sync must either be done over the USB cable, or through Wi-Fi  syncing to a single computer. Within iTunes, you should choose to '''encrypt''' the backup file for your device as an additional security precaution. You will find the checkbox for this option on the Summary page for the device when it is connected. If you do not encrypt the iTunes backup, all saved passwords for email and other accounts cannot be restored.
To retain the integrity of your iOS applications, settings and personal data, it is essential to frequently backup, or sync, the device to your iTunes Library. Sync must either be done over the USB cable, or through Wi-Fi  syncing to a single computer. Within iTunes, you should choose to '''encrypt''' the backup file for your device as an additional security precaution. You will find the checkbox for this option on the Summary page for the device when it is connected. If you do not encrypt the iTunes backup, all saved passwords for email and other accounts cannot be restored.


=== Loss and Theft protection ===
===Loss and Theft protection===
To enable you to find a lost or stolen school-owned iPhone or iPad, you are required to enable the '''Find My iPhone (iPad) service''' using your iCloud account. When this service is enabled, you will be able to track your device, as well as remotely clear it of all data.
To enable you to find a lost or stolen school-owned iPhone or iPad, you are required to enable the '''Find My iPhone (iPad) service''' using your iCloud account. When this service is enabled, you will be able to track your device, as well as remotely clear it of all data.


Full instructions on how to enable and utilize the '''Find My iPhone (iPad) service''' will be found at [https://support.apple.com/explore/find-my-iphone-ipad-mac-watch Apple Support - Find My iPhone, iPad, Mac and iWatch.]
Full instructions on how to enable and utilize the '''Find My iPhone (iPad) service''' will be found at [https://support.apple.com/explore/find-my-iphone-ipad-mac-watch Apple Support - Find My iPhone, iPad, Mac and iWatch.]


=== Passcode Security ===
===Passcode Security===
The single-user design of iPads and iPhones enables the retention of passwords for Riverdale Google accounts, as well as any other connections such as WebDAV and Citrix. Many mobile applications retain downloaded confidential data in readable format. Because of the mobile nature of these devices, the opportunity for theft or loss is greatly increased. As a result, deliberate or accidental access to confidential information, as well as outright malicious intent towards the safety of your data can occur. It behooves any mobile RCS user to protect access to important School services by using a more secure passcode.  
The single-user design of iPads and iPhones enables the retention of passwords for Riverdale Google accounts, as well as any other connections such as WebDAV and Citrix. Many mobile applications retain downloaded confidential data in readable format. Because of the mobile nature of these devices, the opportunity for theft or loss is greatly increased. As a result, deliberate or accidental access to confidential information, as well as outright malicious intent towards the safety of your data can occur. It behooves any mobile RCS user to protect access to important School services by using a more secure passcode.  


==== Setting the Passcode ====
====Setting the Passcode====
Please enable a more secure passcode than the default 4 digits. Common sense alone requires you to set a more stringent passcode if you use your iPad/iPhone to access Riverdale services.
Please enable a more secure passcode than the default 4 digits. Common sense alone requires you to set a more stringent passcode if you use your iPad/iPhone to access Riverdale services.
* Make sure your iOS device has been upgraded to the latest iOS version through iTunes or via wireless updating (available in iOS version 6 or greater.)
* From the Settings app, go to the '''General''' setting and choose '''Passcode''' or '''Touch ID & Passcode''' (on a Touch ID equipped device.)
* Enter your simple, 4-digit passcode, if enabled.
** If a Passcode has ''not'' been enabled, please enable it now by selecting the '''Turn Passcode On''' button.
* Set the '''Require Passcode''' to 15 minutes or less.
* Set '''Simple Passcode''' to OFF
** This setting will then ask for you to enter a more complex password which can contain upper & lower case letters, numbers, and punctuation marks. At the very least, create a passcode which follows the [http://knowledge.riverdale.edu/index.php?title=Change_My_Passwords#Password_Requirements requirements for your Riverdale Domain password.]
*** Using your Riverdale Domain password is '''not recommended''' for this passcode. See this page on [http://secure.wikimedia.org/wikipedia/en/wiki/Shoulder_surfing_%28computer_security%29 Shoulder Surfing] for more information on this recommendation.
* Optionally, select the '''Erase Data''' setting to erase all data on the iOS device after 10 failed passcode attempts. If you use this setting, make sure to sync your iOS device with iTunes on a regular basis. After the '''Erase Data''' mechanism is invoked, the iOS device will be wiped clean and you will need to restore the settings & applications through iTunes.


=== Resetting & Erasing an iOS device for return ===
*Make sure your iOS device has been upgraded to the latest iOS version through iTunes or via wireless updating (available in iOS version 6 or greater.)
*From the Settings app, go to the '''General''' setting and choose '''Passcode''' or '''Touch ID & Passcode''' (on a Touch ID equipped device.)
*Enter your simple, 4-digit passcode, if enabled.
**If a Passcode has ''not'' been enabled, please enable it now by selecting the '''Turn Passcode On''' button.
*Set the '''Require Passcode''' to 15 minutes or less.
*Set '''Simple Passcode''' to OFF
**This setting will then ask for you to enter a more complex password which can contain upper & lower case letters, numbers, and punctuation marks. At the very least, create a passcode which follows the [http://knowledge.riverdale.edu/index.php?title=Change_My_Passwords#Password_Requirements requirements for your Riverdale Domain password.]
***Using your Riverdale Domain password is '''not recommended''' for this passcode. See this page on [http://secure.wikimedia.org/wikipedia/en/wiki/Shoulder_surfing_%28computer_security%29 Shoulder Surfing] for more information on this recommendation.
*Optionally, select the '''Erase Data''' setting to erase all data on the iOS device after 10 failed passcode attempts. If you use this setting, make sure to sync your iOS device with iTunes on a regular basis. After the '''Erase Data''' mechanism is invoked, the iOS device will be wiped clean and you will need to restore the settings & applications through iTunes.
 
===Resetting & Erasing an iOS device for return===


When you return a long-term Riverdale-provided Mac Laptop or iPad/iPhone to the Technology Department, you must make sure that you follow the steps below to disable '''Find My iPad (iPhone)''' (see above) and to delete (iPad) or logout from (laptop) your iCloud account. You '''must''' reset your iPad to factory settings before you return it. If you have forgotten the passcode for your iPad and cannot reset it yourself, '''and''' [http://www.apple.com/icloud/find-my-iphone.html Find My Device] is still enabled, please inform the Technology Department.  On a returned laptop, it is suggested that you remove any personal documents in your user account. Laptops will be wiped clean (digitally and physically) for you by the Tech department and we won't login to inspect any files or data.
When you return a long-term Riverdale-provided Mac Laptop or iPad/iPhone to the Technology Department, you must make sure that you follow the steps below to disable '''Find My iPad (iPhone)''' (see above) and to delete (iPad) or logout from (laptop) your iCloud account. You '''must''' reset your iPad to factory settings before you return it. If you have forgotten the passcode for your iPad and cannot reset it yourself, '''and''' [http://www.apple.com/icloud/find-my-iphone.html Find My Device] is still enabled, please inform the Technology Department.  On a returned laptop, it is suggested that you remove any personal documents in your user account. Laptops will be wiped clean (digitally and physically) for you by the Tech department and we won't login to inspect any files or data.


==== Supervised iPad Procedures ====
====Supervised iPad Procedures====


If you have an iPad which has been preconfigured with apps and settings, it is most likely supervised and needs to be returned to iPad specialists at the River and HIll campuses for un-supervision. In particular, any school-managed iPad, like the Sixth Grade 1:1 program, or any carted iPad, must be unsupervised before being reset. Faculty and Staff iPads provided by the school for your use and self-managed, (i.e. you download apps with your personal iCloud account, for example,) are usually not supervised and are exempt. There are 1:1 programs where students and faculty are given iPads to self-manage which are not supervised.
If you have an iPad which has been preconfigured with apps and settings, it is most likely supervised and needs to be returned to iPad specialists at the River and HIll campuses for un-supervision. In particular, any school-managed iPad, like the Sixth Grade 1:1 program, or any carted iPad, must be unsupervised before being reset. Faculty and Staff iPads provided by the school for your use and self-managed, (i.e. you download apps with your personal iCloud account, for example,) are usually not supervised and are exempt. There are 1:1 programs where students and faculty are given iPads to self-manage which are not supervised.
309

edits