Guideline for Laptops and Handheld Mobile Devices

I. Purpose

The purpose of this document is to provide guidance for protecting university information resources from unauthorized access or disclosure when using laptops or handheld mobile computing devices.

II. Scope

This guideline is applicable to UNC Charlotte faculty and staff as well as other authorized users who utilize a laptop or handheld mobile computing device to access or store university information resources. Every authorized user of university information resources has a responsibility to take appropriate measures to safeguard that information.

III. Contacts

Direct any general questions about this guideline to your unit’s Information Security Liaison. If you have specific questions, please contact OneIT Information Security Compliance at ISCompliance-group@charlotte.edu.

IV. Guidelines For Laptops

Laptop computers used to access university information resources are at increased risk of data exposure due to loss, theft or compromise. Remember to keep your laptop with you at all times or store it in a secured location when not in use. Do not leave your laptop unattended in public locations (e.g., airport lounges, meeting rooms, restaurants, etc.). The following safeguards should be applied to laptops:

V. guidelines for handheld mobile Devices

NOTE: Handheld mobile devices are defined as portable computing devices that are running an operating system optimized or designed for mobile computing, such as Android, Apple’s iOS, or Windows Mobile (e.g., smartphones, tablets).

If using a smartphone or tablet to access university information, the following security guidelines should be followed:

  • Configure the device with a PIN, pattern, or password-enabled lock screen.
  • Enable an automatic screen timeout for inactivity.
  • Ensure your device has current operating system, security, and application updates.
  • Enable a remote wipe feature, if available for the device.
  • Lost, stolen, misplaced or compromised smartphones or tablets should be immediately reported to OneIT and the IT administrator for your area.
  • Refer to the university’s Guideline for Reporting Information Security Incidents and follow the university’s Guideline for Data Handling with respect to data stored on your device.
  • If traveling abroad with a smartphone or tablet, contact the Office of Research Protections and Integrity, Export Control, for further guidance and information on applicable restrictions and/or procedures.

Related Resources

ISO/IEC 27002 was adopted by The University of North Carolina at Charlotte in 2012. All standards and guidelines are based on this code of practice for Information Security Management.

Revision History

Initially approved by Information Assurance Committee 5/8/15
Updated 5/4/23