Cybercriminals are constantly looking for ways to exploit our mobile devices. Mobile users should protect their devices to defend against threats. Following are some steps that can be taken to protect your mobile devices:
- Protect against unauthorized access. Make sure that your devices require authentication prior to unlocking for access. This could mean entering a strong password or code, or using facial or fingerprint recognition. Devices should automatically lock when you hit a button, or after a short timeout period.
- Encrypt your data. Data on the mobile device should be encrypted, which scrambles the data so that hackers cannot access it.
- Make sure synchronization is secure. If you have files that are automatically synchronized from a mobile to somewhere else, like a cloud service, be aware that is happening and make sure that wherever the data is being replicated to is secure.
- Beware of untrusted apps. Only use trusted apps and apps stores. This helps avoid malware that could be spying on you, stealing data, or otherwise compromising your security. Also, understand the permissions that are required by the app. Often apps want access to calendars, contacts, social media, the device’s camera or microphone, location, etc.
- Disable features that you don’t need or aren’t using. This narrows the attack surface of your mobile devices. Bluetooth, for example, allows your device to be discoverable, and potentially allows access to malicious actors. Always disable Bluetooth when it is not in use.
- Keep up with patches and updates. Having the most updated mobile security software, web browser, operating system and apps helps defend against viruses, malware and other threats.
- Remove wireless networks that you do not use. For example, if you use a hotel’s Wi-Fi network, remove the network from the device once you leave the hotel.
- Be suspicious of odd messages, and messages from unknown parties, especially those that contain links. If a friend’s or colleague’s device gets stolen or hacked, the attacker could send messages hoping to compromise your device. When in doubt, do not respond and delete the message.
- Do not use public USB charging stations. They may contain electronics that attempt to put malware on your device, or pull data off.
- Avoid public Wi-Fi. It if is necessary to use public Wi-Fi, enable a VPN. The VPN encrypts your data, and prevents an attacker from eavesdropping on your traffic.
- Enable the auto wipe feature. Auto wipe removes data after a set amount of failed login attempts. This helps prevent an attacker that has physical access to the device from accessing the data. Remote wipe and remote location are also helpful in the event a device is lost. Remote location services enable you to try to locate the missing device, and remote wipe will remove the data if you do not think that the device will be recovered.
- Back up mobile device data. If the data is lost or the device malfunctions, you can restore from backup or transfer to a replacement device.
Although we cannot address all mobile security issues in one blog post, these 12 steps represent basic security practices that can reduce the risk of a breach or compromise of your mobile device.