8 Tips for Securing Your Mobile Devices
Would you believe that the iPhone is only 10 years old? If you're like me, you might have a hard time remembering life before smartphones and tablets. After all, most of us rely on our mobile devices for everything from completing daily tasks to connecting with friends.
This reliance has also extended to the workplace, where you and your employees may use mobile devices to help organize appointments or check e-mail on the go. But, as with any new technology that accesses your office’s information, mobile devices introduce unique security risks.
So, what steps can you take to ensure that you're appropriately managing the risk of sensitive information becoming compromised? Here, I've compiled eight tips for securing your mobile devices, addressing everything from the threat of ransomware to the benefits of tracking software.
The first line of defense in protecting any mobile device is a strong lock-screen passcode. Without one, the risk of your information being compromised will dramatically increase.
Passcodes should be stronger than 1234, 5555, or any other easy-to-guess number and should not include significant dates (e.g., birthdays, address numbers). Other passcode best practices include:
- A short auto-lock time so that your device never stays unlocked for too long
- A maximum number of failed attempts before your device locks or wipes its information
Even if an attacker were to steal a device and had the time to try to gain access, these features will help ensure that the risk of your information being compromised stays at a minimum.
Developers and hackers are in a constant game of cat and mouse—discovering and patching vulnerabilities in software and operating systems. It’s these vulnerabilities that have resulted in some of today’s biggest cyber attacks.
For example, both the WannaCry ransomware event in May and the Petya (aka NotPetya) cyber attack in June took advantage of the same Microsoft operating system vulnerability. Although Microsoft issued a patch to close this security gap months before the attacks, it was not fully utilized. If it had been? The impact of those two global attacks would’ve been much less.
So, the next time you're tempted to postpone an update for just one more day, don't! It’s crucial that you and your staff keep your devices—including firmware, operating systems, and applications—up to date with the latest security patches.
Encryption (making data unusable or unreadable) further minimizes the risk of unauthorized users accessing a device’s information. Fortunately, most of today's devices come encrypted out of the box. This feature is automatically enabled for:
- All iPhones starting with iPhone 3GS (2009 and later)
- All Android devices that run version 6.0 Marshmallow or higher (2015 and later) out of the box
Given how recently auto-encryption was brought to Android devices, you might have a device that originally ran firmware older than 6.0 Marshmallow. If so, be sure to update your device and then encrypt it by going to Settings > Security > Encrypt phone.
Physical damage and mobile malware can lead to lost, deleted, or corrupted information. To reduce the impact should this happen, it’s always a best practice to regularly back up the information on your devices (iOS backs up through iTunes or iCloud; Android backs up through your Google account). Keep in mind that all backed-up information needs at least the same level of security as the original information, including encryption and access controls.