Guidelines for Securing Mobile Devices

 

Smartphones have become such an integral part of our life that it is hard to imagine how people used to communicate, access and share information, and even pay bills without them. Because of their size, we tend to forget that they are actually extremely powerful computers and that they should be secured as such. The below security tips will help you secure your phone and prevent malicious programs or people from accessing it. The more of these you implement, the safer your device will be.

Use a lock screen and enable auto-lock functionality

  • Ensure your device requires a passcode, fingerprint, or similar factor to “unlock” it prior to use.
  • Ensure the device automatically enters the lock state when idle.
  • Ensure security updates are installed as they become available

Avoid “rooting” your device if possible, as this can make it difficult to regularly pull down security updates and other patches for the device.

  • Ensure that your device is configured to automatically install updates as they become available.

Do not “root” or “jailbreak” your device.

  • Rooting or jailbreaking your device could disable built in security features of your phone, like the firewall, and could install malware on your computer.

Avoid installing unrecognized apps or apps from unknown authors.

  • Always evaluate the legitimacy of apps prior to installing them on mobile devices.  This includes making sure the software comes from a reputable vendor and is being downloaded from an official app repository.

Ensure that any installed apps are regularly updated.

  • In addition to regularly installing security updates for the phone itself, ensure that all installed apps are regularly updated as well.

Install anti-malware software if available for your device.

  • Just like computers, phones and tablets are also susceptible to worms and viruses.

If a mobile device supports encryption, use it.

  • Some phones and tablets support encryption of the contents stored on the device.  When possible, use this functionality. If your device is lost or stolen, encryption will help to prevent unauthorized access to your data.

Be careful when opening attachments and browsing.

  • Do not open unknown attachments or follow unknown links as these might infect your  device with a virus.

Enable “remote wipe” functionality where available.

  • If the mobile device supports remote wipe functionality, use it. This allows for the data on the device to be remotely erased if the device becomes lost or stolen.

Enable “find my device” functionality if available.

  • In case your device gets lost or stolen, you might be able to get it back with this service.

Be mindful when connecting to unrecognized or unsecured wireless networks.

  • Be mindful when connecting to wireless networks that are unencrypted (sometimes called “open” networks), as these types of wireless networks are particularly prone to eavesdropping.

Do not connect to wireless networks that are unrecognized.

  • Do not auto-connect to networks.
  • Turn off Wi-Fi and Bluetooth when you are not using them.

Try not to store emails, text messages, or other content containing sensitive information (like credit card numbers, social security numbers, passwords, etc.) on mobile devices.

  • Even if device contents are encrypted, avoid storing sensitive or identifying information on mobile devices.

Do not leave your phone/tablet unattended.

  • Treat these devices as you would treat cash.