Personal Mobile Security

October 5, 2012

Warren Puy Arena
Director, Information Systems

As the mobile revolution takes place, we increasingly rely on our mobile devices to access and store sensitive, confidential personal information.  At the same time, given the popularity of these devices, cyber criminals have been busy adapting their hacks and scams to work on our Internet-connected smartphones and tablets.

So, what can we do to secure our smartphones and tablets?  Here are some basic, general security recommendations to protect your device and the data stored in it:

  1. Lock It Up.  If you have not done it already, do it right now!  Preferably, use an alphanumeric passcode instead of a 4-digit PIN as your device password.
  2. Encryption.  If available on your device, do turn data encryption on.  In the case of the iPhone/iPad, do not forget to also encrypt your device backups when using iTunes to backup your device to a PC.
  3. Application Permissions.  Every time you install an application, do not allow the app to have all available permissions on your device.  Instead, review the app’s required permissions list and cancel the app installation if the app is requesting illogical permissions (e.g. flashlight app requesting access to your contacts).  Check all apps that have access to your device “location services” and turn the service off for any app that do not truly need to know your location.
  4. Enable Remote Wipe.  This will allow you to remotely wipe your device data in case your device is lost or stolen.
  5. Patches.  Install device operating system patches as soon as they are released. Most often than not, these patches include fixes for known security flaws.
  6. Third Party Protection.  You may want to consider installing an antivirus tool or security suite on your device.  Not only do they protect your device against malware and unauthorized access but, they also offer a variety of antitheft features such as remote lockdown and wiping and even taking a picture of the thief.
  7. Internet Connection.  As with your corporate laptop, you should use your best judgment and common sense when connecting your device to the Internet wirelessly.  Be suspicious of “free” WI-FI services and wireless services that require sensitive personal information to provide Internet access.  Always use the “safest” Internet connection first!