New Security Controls for Employees using Office 365 Mobile Apps
We are continuing our Office 365 journey, which ensures everyone at Ohio State can collaborate on a wide variety of devices, while keeping your information and Ohio State data secure. On Tuesday, Nov. 17, we will enable some new security settings on Microsoft mobile applications. These settings will affect employees only and student employees with “firstname.lastname@example.org” email accounts; all other student accounts will be unaffected.
Some of these settings will be familiar if you are currently using Outlook Mobile. New settings will improve protection by ensuring our data is:
- Copied only to approved mobile applications
- Stored only in approved mobile applications
- Copied and stored only in approved locations
Other settings are more familiar, because we already use them in some Microsoft applications. This update will implement these tools more consistently. What’s new is that these settings will apply to all Microsoft Mobile applications on Android and iOS beginning on Nov. 17. They include:
- Requiring PIN/Passcode to access the mobile apps. Biometrics (facial recognition, fingerprint recognition, etc.) are also supported once a passcode is set. This is already required on some apps. After this change, all mobile apps used with your Ohio State Office 365 account will require the PIN/Passcode or biometrics to access (note you will need only one (1) PIN/Passcode for all apps managed; unique/different PINs/Passcodes will NOT be required for each app)
- Encrypting data stored by the mobile apps.
- Preventing backup of university data to unapproved applications.
- Allowing Contacts in Outlook Mobile to sync with the native contacts app (the “Contacts” app that is loaded on your Android device or iPhone at the factory).
- Locking the app after 2 minutes of inactivity. You will be required to log in again if you leave the app open but have not been using it for 2 minutes or more.
- Preventing access to data from jailbroken or rooted mobile devices (devices that have been altered to remove security features set by the manufacturer and associated carriers).
- Removing university data from mobile application after a user has failed to log in 10 times because the user has entered incorrect PINs or passcodes.
What to Expect
These changes will only affect Ohio State Office 365 accounts. They will not affect any mobile apps that you use for personal accounts unrelated to Ohio State. After the Nov. 17, you may notice the following:
- When you first open a mobile Office 365 application, you may be required to enter your PIN/password. The next time you open the app, you will be able to use biometrics if device is equipped with that capability and that is your preference. When we tested the apps with changes, some people had to re-enable biometrics in the app and other devices defaulted back to them if the user had them in place before – so you may or may not need to re-enable your security preference.
- You were required to set a PIN when you first logged into your Office 365 mobile apps. The app may prompt you to change the PIN when opening an application after the change. If you do not know your application pin you can use the “Reset Pin” link in the app to reset the pin and continue log in.
- New Microsoft mobile apps that you use may prompt you upon first opening that the app is now being managed by your organization and you must re-open the app. Close and then re-open it again to continue using it. If you have forgotten the PIN, use the “Reset Pin” link in the app to reset the pin.
If you need help or have questions, contact your local IT support or the IT Service Desk for technical assistance. The IT Service Desk offers 24-hour support, seven days a week, via email and phone.