Guidance

End User Devices: Advice for End Users

Created:  24 Sep 2016
Updated:  24 Sep 2016
We recommend that guidance is given to all remote and mobile users on how to keep information on their devices safe and secure.

This advice will need to be tailored to the particular device(s) being used, and matched to the local business procedures and activities. Some advice to users is common across all types of device, and this is provided here as a suggestion.

General advice

Some of the settings on your device have been configured by your system administrator to help keep the information on it secure. Changing or circumventing these settings could put information at risk. If you are unsure about any of the settings, or what to do in particular situations, please contact your IT helpdesk.

This device is valuable and so it is attractive to thieves. Take sensible precautions to prevent its loss or theft - but don’t put yourself at risk. Don’t leave the device unattended in an insecure location (e.g. outside of your house or office) - lock it away if possible, or keep it on your person.

If your device is lost or stolen contact your IT helpdesk immediately to report this. You won’t be in trouble - it is better to report such a loss as quickly as you can. The faster you get in contact, the better - there is more that can be done to prevent information being accessed.

When you are using your device be aware of who might be able to see your screen, and consider, if applicable, using a screen privacy protector. Devices which have ‘touch screens’ are particularly easy for bystanders to see what you are typing - even passwords. 

Physical connections

You should only use the specific device(s) that your organisation has approved, this includes all of the peripherals that come with the device(s).

Your device should only ever be recharged with trusted power adapters and cables.

Don’t physically connect your device to any computer without the approval of your IT helpdesk. This includes USB, HDMI, Firewire etc.

Any ability to bridge connections using your device (e.g. internet connection sharing) must not be used unless specifically approved by your IT administration.

Passwords

Whatever the reason, you must never disclose your password to anyone (including IT support staff, your manager, or a colleague), either in person, by phone, or by email or text message.

It is acceptable to write your password down, but it must be stored securely - and never with the device itself. For example, if you write your password down, seal it into an envelope, and then store it according to its sensitivity (e.g. kept in a secure, locked, cabinet). Under no circumstances should you ever carry this copy of the password with your device.

Your organisation may set some rules about what you can use for a password. The most important thing is that it should be difficult for somebody else to guess that password, even if they know you well. Never share the same password across different systems or devices.

Overseas use

In general, it is acceptable for you to take and use your device overseas, provided that your organisation has approved this.

As highlighted above, you must be extra vigilant and take extra care to ensure that no one overlooks you when you are using your device, and must take all possible precautions to prevent the theft of your device.

If things go wrong

When something goes wrong, or you suspect your device or its data may be compromised, it is important to take action promptly.

If you have any reason to suspect that someone else knows your password then it must be changed immediately - either on the device itself or by contacting your IT helpdesk.

If you forget the password for your device you should contact your IT helpdesk, who will confirm your identity before a password reset can take place.

If your device stops functioning as normal, and/or experiences a significant decrease in performance or battery life, contact your IT helpdesk for further advice.

If you are experiencing problems with the device, you must never give your device to anyone else (e.g. a commercial repairer) to try to fix; always contact your IT helpdesk.

If you think someone may have tampered with your device (such as accessing the inside of it, or removing / replacing parts of it), stop using it immediately, turn it off, and contact your IT helpdesk for assistance.

Was this guidance helpful?

We need your feedback to improve this content.

Yes No