Mobile Device Management for Office 365 has been enabled for the Connect accounts of those who have PHI flags. The PHI flag denotes those who have access to Protected Health Information (PHI) and must abide by HIPAA regulation on how to store or send their email. Mobile Device Management (MDM) is a way to secure mobile devices so that they are compliant with the requirements of handling PHI. While enrolling your device in MDM through the Company Portal app, you will see a notice stating that administrators will be allowed to make a number of changes to your device; the University will not utilize those features, as they are beyond policy.
The MDM policies that are currently in effect for all staff who handle PHI data are:
- Devices will be wiped after 10 sign-in failures
- A password on the device will be required
- The password must be at least 6 characters
- The password must be alphanumeric with 2 character sets (including at least one special character)
- Devices will be locked after 15 minutes of inactivity
- Devices must have data encryption enabled. Apple devices (iOS devices) have built-in encryption that is automatically enabled, but on Android devices you will need to enable encryption manually. This process is battery intensive and may take up to an hour to complete, so make sure your device is plugged in while encrypting.
- Jailbroken or rooted devices (devices that have had basic security measures stripped away from the operating system) will not work.
- Management of the email profile will be required.
- Removable storage on devices cannot be used
Note: If your device utilizes a removable media device/removable storage (such as an SD card) the Help Desk advises that you copy the data to another location prior to enabling your device for MDM. Failure to properly copy your data prior to enabling your device may result in a loss of data.
Due to the implementation of MDM, IMAP has been turned off on both mobile and desktop devices for those who have access to PHI. This will require you to connect using Exchange when using your Connect account, which will enforce the MDM rules. You will need to access your Connect account using Outlook Web Access (OWA), Outlook, or a mobile device enrolled in MDM.
Instructions on how to enable iOS and Android devices for Mobile Device Management can be found in the links below.
- Enabling Mobile Device Management on Android Devices
- Enabling Mobile Device Management on iOS Devices
There are known mail applications that bypass the restrictions of MDM. These applications should not be used as they violate the Rutgers Connect MDM Standard. Below is a list of the currently known applications that are noncompliant:
If you are leaving the university or no longer wish to access Rutgers Connect on your mobile device, please remove the Intune Company Portal app from your device.