Re: iPad / mobile device security and policy

[Marty Manjak <mm376 () ALBANY EDU>]

Lewis,

We are considering using ActiveSynch to push a basic security policy out
to personally-owned mobile devices as a condition to getting access to
institutional business records.

We currently do this with Blackberries that are managed through our own
BES server.

We have a campus Information Security Council whose membership includes
the major data owners (Registrar, HR, Accounting, etc.). That's the
governance body that will formulate the policy requiring
personally-owned devices to comply with the acceptance of the security
policy.

This is all in the planning stages but that is the direction and the
control mechanism that we are looking to implement.



On 02/01/2011 11:46 PM, Watkins, Lewis wrote:
> I'm looking for model policies and processes for managing iPad use in campus environments?  Does your institution 
> have iPad specific policies, or are iPads included in a broader mobile device policy?  How do your faculty and 
> administrators currently use iPads?  Are any limits place on their use? Do you have specific configuraiton 
> requirements or recommendations?   How concerned are you about the security of iPads, particularly for use with 
> confidential information?   Thank you for any guidance, advice, or references you can provide.
>
>   Lewis
> ____________________________
> Lewis Watkins, CISO
> University of Texas System 
>  
>
>  

-- 
Marty Manjak
Information Security Officer
University at Albany
518/437-3813
CISSP, GSEC, GCIH, GWIN