Your responsibilities when using a "bring-your-own-device" at work, or when you manage the configuration of a computer yourself.
What is BYOD? What is self managed?
BYOD is "Bring Your Own Device" - where you use a computer or device you personally own to do University work.
"Self managed" is where you use a device that is owned by the University but you are personally responsible for its configuration and administration. Even if you have been given a device which has been preconfigured by your local support, if there is no mechanism constantly keeping it configured then by definition it is self managed.
In most circumstances you will be most secure if you are using a University device running an automatically configured and supported operating system as you will only have the responsibilities of a user rather than also having the responsibilities of a system administrator. The University has several Supported Desktop operating systems which run on both desktop computers and laptops.
If you are using a personal device to access University services then you have a responsibility to ensure that University users, data and services are kept safe.
You should always ensure that any BYOD computers are configured correctly before using, and are kept up-to-date and secure. Using the "Guidance on configuring BYOD or self managed devices securely" on this page can assist with this
You should always ensure that any BYOD mobile phones and tablets are configured correctly before using, and are kept up to date and secure.
If you are using a University owned but self managed device to access University services then you have a responsibility to ensure that University users, data and services are kept safe.
You should ensure that any self managed computers are configured correctly and are kept up-to-date and secure. If you did not perform the original configuration you should check that the configuration is secure and continue to check throughout your use of the device. Using the "Guidance on configuring BYOD or self managed devices securely" on this page can assist with this.
You should ensure that any self-managed mobile phones and tablets are configured correctly, and are kept up to date and secure. If you did not perform the original configuration you should check that the configuration is secure and continue to check throughout your use of the device. For iPads there is a University supported configuration service
The following advice is not exhaustive, and it is the responsibility of the user to make sure that all and any necessary steps are taken promptly to keep University services and data secure.
Keep your operating system up to date
Make sure that all updates from the OS manufacturer are installed as quickly after release as possible. Ideally, make sure that any updates are downloaded and installed automatically. If a manufacturer is no longer supporting the version of operating system you are using then do not continue to use it and look to upgrade the operating system and/or device to a supported version.
Keep your software up to date
Software you use can also introduce security issues. Make sure that you know what you have installed and keep an eye on security announcements for that software, then install updates as soon as possible. Ideally, make sure that any updates are downloaded and installed automatically
Don't install any software that you don't need, and uninstall software that is no longer needed
If you don't have the software installed then a security issue with that software will not be an issue
Don't install any software from dubious sources
Always make sure that you are downloading software from the manufacturer's website or a reputable source.
Do not reduce the security of your firewall
Most operating systems come with a firewall to protect your device with a safe configuration. Be careful when allowing applications to change the firewall settings.
