It’s important to keep your personal devices up-to-date and secure for your own sake, and particularly if you use those devices to access, store, or work with U-M data.
Security of Personally Owned Devices that Access or Maintain Sensitive Institutional Data (SPG 601.33) outlines your obligations when doing work for U-M with personal devices such as your personal phone or home computer. Your unit may have additional restrictions beyond those found in the SPG, and you must meet those requirements as well.
Start with basic steps, such as always keeping your operating systems and software up to date, and not letting others access a device while logged in with your U-M account/credentials. Then check out these guidelines and tips to make sure you are meeting your shared responsibility to protect the university.