We’re no Buzzfeed, but we recognize the importance of Top 10 lists. In fact, here’s a great Top 10 list of the Top 10 reasons that Top 10 lists are so popular with journalists and readers. Such as they are, lists of 10s are fun to write and fun to read, while also serving an educational purpose (and give us an excuse to overwhelm with gifs). In that spirit, we’ll be rolling out a variety of Top 10s over the next several weeks. If you have a topic you’d like to see covered, let us know!
On to the list!
Top 10 Mobile Security Practices
On all personal devices, install anti-virus and/or malware detection apps.
This is something many of us overlook, just assuming that virus detection software is for computers only. The fact is, your mobile device is a computer. The number of mobile device users is expected to surpass 4.7 billion by 2017, which means bad guys have a massive target inventory.
Set up a lock screen with a pattern, PIN or password.
Nowadays, most devices force you to set up a password of some sort, but this can be easily bypassed in the settings. As always, strong passwords should be utilized. Biometrics, such as a fingerprint or retina scan, are a great option as passcodes that are unique and don’t require you to remember them.
Use a VPN (Virtual Private Network) when accessing the internet on public WiFi.
Without a VPN, the bad guys can easily steal your login credentials, see your photos and obtain your banking information. VPNs are inexpensive, easy to set up, and can be installed across multiple devices. If you want more information on why you need a VPN, here’s a real life example of someone getting their credit card information stolen. And here’s an explanation of how VPNs work.
Enable remote wipe and know how to erase all data in the event that your device is lost or stolen.
If you’ve ever lost a device, you know how stressful it can be. The remote options offered to us by manufacturers help alleviate that stress. Both Apple (Find My iPhone), and Android (Android Device Manager) allow us to track our devices remotely, ping them to ring, and reset them to factory default—which completely erases all data including installed apps.
Only install apps from trusted sources.
If you are unsure, google the app and check other users’ reviews. If the app is asking for more permissions than you think it needs – especially your social security number, credit card or banking information – do not install it. A little research goes a long way.
Backup your mobile device.
If it is ever lost, stolen or destroyed, at least you won’t lose all your contacts and photos. Routinely transferring important data to an external drive, as well as running cloud backups, ensures we’ll always have access to what’s most important to us.
Keep your mobile software (apps and OS) up to date.
Ignoring updates could put you at risk for malware. In addition to security patches, updating your system often keeps your device running as quickly and smoothly as possible.
Don’t jailbreak your phone or buy one that has been jailbroken.
Mobile developers put those security measures in place for a reason, and removing them can weaken the overall security of your phone.
Turn off Bluetooth when it’s not in use.
Criminals can use a technique called “drive-by hacking” to access the personal information stored in your phone just by using Bluetooth. For that matter, disabling WiFi when not in use is also a good idea. If you’re not convinced, watch these hackers take complete control of a Jeep from miles away.
Don’t click on links, photos or videos in text messages from an unknown source.
Okay, that’s not the “phish” we’re looking for. Unsolicited links sent to you from unknown sources are usually mobile phishing attacks, most often referred to as smishing, and they can wreak havoc on your mobile device. Just like phishing, smishing utilizes social engineering and a sense of urgency to get victims to click. Here’s a real life example from one of our friends.
Latest posts by Justin Bonnema (see all)
- 2019 SAP Planning Calendar - December 11, 2018
- Incident Response in 3 Domains - November 30, 2018
- How the NIST Framework Improves Your Organization’s Cybersecurity - November 15, 2018