Mobile Security Guidelines

Information Technology Services (ITS) supports mobile devices as part of its Exchange email service. These security guidelines will be enforced for supported mobile devices accessing this service.

These guidelines apply to all campus affiliates who are using a mobile device connecting to the ITS Exchange email system.

The ISU Code of Computer Ethics and Acceptable Use establishes a general policy for the use of computing, telephone, and information resources. The purpose of these guidelines is to establish acceptable practices that support the policy as it applies to mobile devices.

The following guidelines are enforced for all mobile devices supported through ITS. When a specific guideline is not outlined, the general computing policy applies.

Password Protection

  • Mobile devices must be password protected.
  • The minimum password length is 4 characters but longer passwords ensure stronger security.
  • Users cannot disable the password requirement.
  • The password will be required after one hour of inactivity.
  • After ten unsuccessful attempts to enter your password, all of the data on the devices is erased and the mobile device is disabled. (BlackBerry only)
  • Maximum password age is set to 365 days.
  • There is no enforced requirement to mix letters, numbers, or special characters but including this in your password ensures a stronger password.

Antivirus Software

Supported antivirus software is currently available for mobile devices. ITS may revisit this when solutions for the mobile device become available.


Data traveling to and from the mobile device is encrypted in transit. Content is also automatically encrypted on the device.

Device Loss

Promptly report lost or stolen devices to ITS. ITS may be able to disable and clear a lost or stolen device using mobile device administrative tools.