Guidelines on Privacy and Security for Mobile Apps

From: Isaac Straley, Chief Information Security Officer
Date: March 9, 2023
Re: Guidelines on Privacy and Security for Mobile Apps

Concerns over the security and data-collection practices of social media apps have been making headlines lately, and many of us have questions about best practices on our own smartphones and mobile devices.

In general, the University currently does not restrict which apps can and cannot be used — that’s why it’s important for staff, faculty, librarians and students to be aware of the security and privacy issues, and how to reduce the risks.

To help, we have put together guidelines and four quick tips to reduce the risk for our U of T community, on both personal and University-owned devices. These Guidelines will evolve as new information becomes available.

View the guidelines: https://uoft.me/guidelines-mobileapps

Four quick tips to consider for each of your apps:

1. Do a quick search: Before downloading a new app, check if there are any known privacy and security concerns associated with it.
2. Pause before granting permission: Be cautious about what permissions you are giving to the app and determine what data should not be disclosed when you sign up.
3. It’s not fun — but review the terms & conditions: Read the privacy policies and terms and conditions of these apps to be aware of their data-collection and sharing policies.
4. Consider the source: Download these apps from trusted sources like Apple App Store or Google Play to limit the risk of spyware and other vulnerabilities which may lead to cybersecurity attacks.

If you or your colleagues have questions or concerns about your own devices or data practices, we’re here to help — please contact security.response@utoronto.ca, and please share this resource widely.

We are Secure Together.