Mobile Device Security
Mobile devices – we all have them, and we all love them (most of the time). Whether it’s a smartphone, tablet, or another device, these tiny machines are basically mini-computers that have revolutionized how we work, play, and stay in touch. This added convenience comes with a cost, however. Mobile devices are subject to many of the same security issues as a more traditional computer, but carry additional risk due to their portability and how they are used. Attackers are writing malware for mobile devices, so don’t think your device is safe just because “It isn’t a computer” – it IS a computer. To keep them secure, mobile devices need some extra attention.
The first steps to securing your mobile device are the same as some of the things you would do to secure a desktop computer. These include:
-
Keep the operating system and all applications updated.
-
Install an antivirus program, and run daily updates and scans.
-
Encrypt the device and any storage cards that are in it.
-
Be careful of what you physically connect to the device – do not connect the device to unknown or public computers.
-
Be cautious when connecting the device to unencrypted/open WiFi hot spots. If you need to access sensitive information while using your device, consider using a VPN app to secure your connection.
-
Be wary of links and attachments in SMS messages, emails, and messages in messaging apps.
Some of the other precautions you should take to secure your mobile devices include:
-
Configure a strong passcode, automatic device lock, and automatic factory reset settings. A 8-digit passcode, with an auto-lock after 2 minutes of inactivity, and a factory reset after 10 failed login attempts is a reasonable configuration.
-
Don’t root or jailbreak your device. Many of the restrictions that prevent the installation of malware would be removed if you root or jailbreak your device.
-
Disable all wireless capabilities when not in use, including NFC, WiFi, and Bluetooth. Even if you aren’t actively using the connections, other devices can still communicate with your device if these are left enabled.
-
Don’t install apps from 3rd party app sites, or apps that require too many permissions. 3rd party sites do not check apps as stringently as the Google Play Store, Apple iTunes, and Amazon do for security issues. Sometimes, however, even these sources don’t catch the bad apps. Legitimate apps will not request more permissions on your device beyond what they require to function - if an app asks for too many permissions, don’t install it. Legitimate apps usually have positive reviews, so if an app has few reviews, or has a large number of bad reviews, don’t install it.
-
Be suspicious of free apps, and opt for the paid version if it will remove advertisements. Ads are increasingly being used to deliver malware.