Main Nav

Hello everyone,

Has anyone created  security guidelines that application developers should be following when building mobile apps for their university?

I have encountered branding guidelines for university mobile apps, but my limited research has yet to discover any guidelines for mobile app security topics such as data security, gathering/storing of personal information, app usage tracking, geo-location tracking, etc.

I know this is still unchartered waters for a lot of schools, but if anyone that has created guidelines (or even a policy) is willing to share what they have, I'd love to learn more about how other institutions are approaching these security issues with mobile apps.

Thank you in advance,

Brian

-- 
Brian Mertz
Senior Security Outreach Specialist
Office of the CIO
University of Illinois at Urbana-Champaign
bmertz@illinois.edu
twitter.com/citessecurity
********** Visit the EDUCAUSE Policy website at http://www.educause.edu/policy.

Comments

Hi Brian,

 

We have a few application security case studies included in the Information Security Guide, although these aren’t specific to mobile security:

·        https://wiki.internet2.edu:443/confluence/x/OQCj

·        https://wiki.internet2.edu:443/confluence/x/MwCj

·        https://wiki.internet2.edu:443/confluence/x/UYKb

 

You might want to check out the OWASP or WASC websites for additional resources.

https://www.owasp.org/index.php/Main_Page

http://www.webappsec.org/


Thank you,

Valerie

 

Valerie Vogel Program Manager

EDUCAUSE
Uncommon Thinking for the Common Good
direct: 202.331.5374 | main: 202.872.4200 | educause.edu