Deployment and safe use of mobile devices

• Set a PIN code on your device as well as a passcode (Apple) or a lock code (Android).
  • The PIN code is a property of the SIM card, which protects the SIM card and the subscription against illegal use.
  • For security reasons, a PIN code must always be used on mobile devices.
  • When deploying the mobile device, immediately change the default code set by Elisa.
  • The passcode/lock code will set your device to lock automatically if someone tries to replace the SIM card or if you do not use the device for a while.
• Make sure that the operating system and applications of your device stay up to date. 
  • Make sure you have the latest version installed on your device. If the latest updates cannot be installed on your device, we recommend that you acquire a new device. 
• Mobile devices offer the possibility of positioning a lost phone. Read more about remote positioning in the device manufacturer’s own instructions.    
• You should enable remote locking of the phone in case the phone is stolen or gets lost. The remote locking feature allows you to lock the phone when it has gone missing or been stolen.
  • Read more about remote locking on the website of the manufacturer of your device.
    Apple’s Find My service
    Find, lock, or erase a lost Android device 

When you begin using the Microsoft 365 service on mobile devices, you simultaneously grant administration the right to remotely manage the device in question. If necessary, administration can delete all the data in the device. This concerns devices owned by the University of Helsinki and also privately purchased devices.

Administration will only activate the remote wipe when there is a reasonable cause to suspect that the device has fallen into the wrongs hands (e.g. it has been stolen) and it is possible that important data will also fall into the wrong hands. In this case, the identity of the person requesting the remote wipe is checked. A log is compiled of the measures that administrators carry out on a phone.

You can remote wipe your devices by following separate instructions.

Do not leave the device unattended in public areas, in your vehicle or even in your office.

How to safely use your device

1. Use the device’s own intact charger only.

2. Charge devices under supervision, not at night, for example.

3. Put the device on a non-flammable surface when charging it.

4. Stop using the device immediately if you notice any warning signs of battery failure, such as abnormal heat, battery bulge or battery smell. For example, a dent in the device may damage the battery.

5. If you notice any of the above signs on your device, stop using it immediately and notify the IT Helpdesk.

• Pay attention to what you say out loud in a public place.
• Avoid writing sensitive messages in a public place.
• Avoid typing passwords in a public place; someone may see your password by peeking over your shoulder or by watching which buttons you press as you type the password.
• Avoid saving passwords on your mobile phone. It might be easy to ignore this tip and claim that the device is easier to use without these precautions, but information security settings must be taken seriously and you must protect your device appropriately.
   

Create your own Google or Apple account for your work phone. This allows you to install apps and updates using your work account and keep your work matters separate from your private Google or Apple account.

Only install programs from the official app store on your phone (Google Play/App Store).

When installing programs, you should remember that various additional programs may cause problems when using the mobile device. Installing programs that are not necessary and proven to be safe must be avoided.

• Installation instructions for using Eduroam, OpenVPN, and University email, among others, can be found in these instructions.
• Multifactor Authentication (MFA) instructions can be found in separate instructions.
   

• Do not open suspicious emails or accompanying attachments.
• Do not keep your Bluetooth connection on when you do not need it. Viruses and malware are easily spread via Bluetooth.
• Do not use your mobile phone’s removable memory card on devices whose safety you cannot guarantee. These devices may have software installed that tries to fish data from the memory card and use that data. In addition, they can place malware on the memory card which will run on your phone without your knowledge.
• Do not connect your phone with a USB cable or Bluetooth to devices whose safety you cannot guarantee.

Learn more in the separate “Beware of scammers” instructions

• Immediately report the matter to the switchboard office, puhelinvaihde@helsinki.fi / tel. +358 02941 24444 (Mon–Fri 8 a.m. to 4 p.m.).
• On other times, report the matter to Elisa’s technical support, tel. +358 10 80 4400. Information on lost mobile devices reported to Elisa’s technical support will not be forwarded to the switchboard office. In that case, you should also report the matter to the switchboard office.
•  If the University’s username and/or password has been saved in the mobile device for reading email, for instance, change the password of your University account immediately. 
  • The password change application can be found at the easy-to-remember website www.helsinki.fi/salasana 
  • different language versions are also available: www.helsinki.fi/password and www.helsinki.fi/losenord