Simple Steps to Keep Your Mobile Device Secure
"Today, your cell phone has more computing power than all of NASA back in 1969, when it placed two astronauts on the moon."
—Dr. Michio Kaku, Ph.D.
[See also Cybersecurity Awareness]
A Quick Overview
- Enable the screen’s auto-lock function
- Set a secure password or PIN
- Use auto-update for the operating system and all installed apps
- Only download and install apps from trustworthy verified authentic sources
- Avoid public Wi-Fi hotspots — even if provided by a reputable business
- Avoid public USB charging stations — only use a standard electrical outlet to avoid the risk of data theft
- If you operate your own wireless network at home or at work, be sure to properly secure your router and keep it patched
- Ignore spam emails and texts, not clicking on unverified links that could download malware
- Add a trusted mobile security app with a strong and verified reputation
- Utilize your device’s available encryption feature
- Disable Wi-Fi and Bluetooth when not needed — Keep Bluetooth out of “Discovery” mode
- Do not use a “jailbroken” or “rooted” device
- Regularly back-up your device
- Keep your device close to you and within sight at all times
- Use “wipe” technology if device is lost, stolen, or simply no longer needed
Enable the screen's auto-lock function A device without auto-lock enabled may be convenient and easy for you to use, but it’s also easy for your information to be viewed or stolen by anyone who happens to find the device. Taking a few moments to adjust your Settings to enable auto-lock now can prevent unexpected problems in the future. |
|
An easily guessed password or PIN is nearly as bad as not having auto-lock enabled. Do not use birthdays, anniversaries, names of family members or pets, or any other single word or an easily guessed numeric value. Instead, use a combination of letters, numbers, and symbols that mean something to you – and keep it to yourself. Rather than using this formula for a single word, such as P@s$w0rd, a more secure approach would be to use various characters to represent the first letter of each word in a phrase or sentence. Do not re-use passwords or PINs to access multiple devices or online services. |
|
Use auto-update for the operating system and all installed apps Make sure your device is set to automatically download and install all patches and updates to your operating system and apps. This will keep your device more secure against current threats and vulnerabilities. |
|
Only download and install apps from trustworthy verified authentic sources If you receive a pop-up security warning that instructs you to download and install a security app in order to clean a virus or other problem that has been detected, don’t do it. This is a common way criminals get victims to load malicious software to a device. A good rule of thumb is to only download and install apps from stores belonging to your operating system manufacturer – Apple’s App Store for iOS and GooglePlay for Android devices. While there is no guarantee that all apps will function as described, these two sources evaluate the apps offered more so than many other third-party app distributors. |
|
Avoid public Wi-Fi hotspots – whether offered for free or for a fee, from an unknown source or from a reputable business Public Wi-Fi has several risks. Some of these services are really operated by criminals with malicious intent. Even some legitimate public Wi-Fi can be accessed easily by criminals because the network security is weak or misconfigured. If for some reason you absolutely must access public Wi-Fi, be sure to use a trustworthy Virtual Private Network (VPN) that encrypts all of your activity so that anyone with a bad motive will not be able to access or view your data. |
|
Avoid public USB charging stations – only use a standard electrical outlet to avoid the risk of data theft Unsuspecting victims may see what looks to be a legitimate public charging station with convenient universal USB cables available to plug in and power-up their device. But while charging, the device and its data are unknowingly compromised. Always use your own power adapter plugged into a regular electrical outlet or use your own personal battery pack. |
|
If you have your own wireless network at home or your place of business, be sure to properly secure your router and keep its software patched Many people – including some ‘technology professionals’ – do not bother to change the temporary factory password of wireless routers they install to provide access on their networks. They also often fail to update this equipment with current security patches from the manufacturer. Both of these actions commonly result in a network easily compromised by criminals who quietly gain access to the data without any detection. |
|
Ignore spam emails and texts, not clicking on unverified links that could download malware Spam emails and texts can both contain links and other content designed to compromise your smart device. If the communication looks suspicious, delete it immediately. Do not open it. Do not click on any links. Such actions could result in the installation of malicious software that could steal your personal information, track your activity, or worse. |
|
Add a trusted mobile security app with a strong and verified reputation In the past, some operating systems seemed more safe and secure than others. However, today each has been proven to have different vulnerabilities and security risks from time to time. In addition to keeping your device patched, it is also a good idea to use one of several well established security apps designed for your device. |
|
Utilize your device’s available encryption feature Most modern smart devices now have the ability for you to add an extra layer of security with encryption. Follow the manufacturer’s instructions now for encrypting your device so it will keep your personal data safe in the event of loss or theft. |
|
Disable Wi-Fi and Bluetooth when not needed – Keep Bluetooth out of “Discovery” mode Make sure your device settings do not allow automatic connections to nearby Wi-Fi networks. Turn Bluetooth off when not in use so that hackers cannot spoof a device you have used in your history, thus gaining unauthorized access. Keeping your device out of “Discovery” mode keeps other unknown devices from being able to find your connection. Mobile devices paired with vehicles through Bluetooth may also have shared your personal information. Be sure to unpair and clear any personal data from the car if it is a rental that you are returning or if it is a car that you are selling or trading in. |
|
Do not use a “jailbroken” Apple device or a “rooted” Android device – such devices may be more vulnerable to malware attacks or may provide backdoors to allow hackers access to personal details To “jailbreak” or “root” a device is to remove software restrictions embedded in the device by its manufacturer or the mobile carrier that first sold the device. While it may seem appealing to remove unwanted ‘factory-installed’ apps and make other customizations, this action can also result in a device becoming more vulnerable security risks. |
|
Many mobile carriers, device and operating system manufacturers, and reputable third-parties provide secure cloud-based services to back-up photos, music, videos, and other device data. Use these services to safeguard your important data with automatic back-ups before your device is lost, stolen, or crashes. |
|
Keep your device close to you and within sight at all times Treat your device just like your wallet. Know where it is at all times, and don’t leave it unattended in a public setting. Be alert to distractions and other tricks used by criminals in an attempt to separate you from your device. |
|
Use "wipe" technology if device is lost, stolen, or simply no longer needed For Apple devices, follow the steps outlined here:
For Android devices, follow the steps outlined in this article:
|
References
- Harvard Business Review: Your biggest cybersecurity weakness is your phone
- FCC: Wireless connections and Bluetooth security tips
- Bank Info Security: Jailbreaking iOS devices – Risks to users, enterprises
- Apple Support: iCloud: Erase your device with Find My iPhone
- Apple Support: What to do before you sell or give away your iPhone, iPad, or iPod touch
- Digital Trends: Selling your phone or tablet? Here’s how to wipe your Android phone
- British Gas: Smartphones — More powerful than all of NASA’s combined computing in 1969