If you suspect your device has been lost or stolen, notify Protective Services (301-846-1901) and the NIH IT Help Desk (Toll Free: 866-319-4357) within ONE Hour of Discovery!!
NIH encourages and supports the use of laptops and mobile devices such as smartphones and tablets, both government
furnished and personally owned. These devices have become indispensable tools for today's highly mobile workforce
as they can be used for many essential business functions such as sending and receiving email, storing documents,
delivering presentations, accessing the Internet, and remotely accessing data. While these devices provide productivity
benefits, they also pose new security risks to the NIH when used to access NIH resources. Because of their small
size and use outside the office, some mobile devices may be easier to misplace or steal than a laptop or notebook
computer. If they do fall into the wrong hands, gaining access to the information they store or access remotely
can be relatively easy if the proper precautions are not taken.
As with any computer platform, there are certain basic security requirements that must be in place to address
associated risks. To ensure that we are providing an adequate level of security for mobile devices, pre-emptive
and reactive minimal controls are necessary to guard against the threat of physical loss of the device or the
loss of logical integrity. Asset provisioning, inventory, basic configuration management, the ability to monitor
the health and integrity of these devices, along with the ability to quickly and effectively respond to security
incidents must all be in place to implement a successful mobile device security program at NIH.
Lost or stolen NIH equipment and/or NIH data containing Personally Identifiable Information (PII), Protected Health
Information (PHI) or Sensitive Information (SI) must be reported to NCI at Frederick Protective Services (301-846-1091)
and the NIH IT Help Desk (Toll Free 866-319-4357) within one hour of discovery. The NIH Mobile Device Management
(MDM) Service is the suite of applications used to secure mobile devices that connect to or synchronize with
the NIH network (NIHnet) or NIH internal resources. An enterprise wipe command may be issued to a government furnished
device or to the MDM application on personally owned devices. The MDM Service provides security by implementing
the controls that guard against the threat of physical loss of the device or the loss of logical integrity of
government furnished and personally owned mobile devices.
NIH policies and guidelines as well as NCI at Frederick policies hold you responsible for your government-owned
portable/mobile computing device and its data.
* Examples of Portable/Mobile Computing Devices (e.g., Laptop, Desktop, iPhone, iPad, Camera, BlackBerry)
Media (e.g., Hard Drive, USB/Thumb Drive, Secure Digital Media Card, CD-ROM, DVD)
For more information see: