In a guest post for Cybersecurity Awareness Month, Jared Perdue, Information Security Specialist with the Information Security Office, shares tips for keeping your mobile devices secure.
Our mobile devices contain a great deal of valuable data. No matter what device you use, be it a Windows laptop or MacBook, an iPhone or Android device, you should take some basic precautions to protect the data and the accounts on your devices. Below you’ll find basic and some more advanced tips for securing your devices.
Public Wi-Fi
- When using a laptop, you should connect to your phone and use the hotspot feature to avoid exposing your data to others on the public network. Ensure the wireless network broadcasting from your phone has a strong password. For a more secure connection, tether your phone to your laptop with a USB cable.
- Be careful when checking sensitive accounts on public networks and avoid doing so when you can. These can include email, social media, financial, medical and work accounts. Make sure two-factor authentication is set up where possible. If you must access one of these accounts, consider changing your password once you have access to a trusted network.
- Use a Virtual Private Network (VPN) whenever possible. Only connect to sites with HTTPS (the lock icon should be present in the address bar). Do not interact with any popups you encounter.
- Advanced
- Disable any auto-connect functions except to trusted networks. If your device does not automatically connect to a network with a familiar name, it could be spoofed. Verify it is the network to which you normally connect.
Device security
- Keep the device up-to-date. Run the system update feature once a month. Apple update releases can vary. Windows updates are released the second Tuesday of the month. For Pixel owners, Google releases Android updates around the fifth day of the month.
- View the list of recent Apple updates. Follow the above advice and look for updates to your devices once per month.
- Use antivirus/antimalware on your laptop systems such as the pre-installed Windows Defender on Windows 10 and Windows 11. Antivirus software exists for Apple iOS and Android but varies in quality and ability to scan your entire system.
- Restart your phone on a regular schedule. Malware typically enters a phone through a malicious app downloaded from an app store. Here it is important to review what permissions an app requests and reviews before installing as a restart will not delete an installed app. However, other means exist for malware to download and run on a phone. Restarting your phone can clear this kind of malware.
- Do not leave your device unattended in public settings. Similarly, be careful about who you trust with access to your device.
- Rename the device so as not to easily identify the owner (many iPhones will default to names such as Jared’s iPhone).
- Advanced
- For laptops, set up a firewall to restrict inbound and outbound connections.
- For Windows laptops, disable unnecessary services that can introduce more risk such as Link-Local Multicast Name Resolution (LLMNR) and NetBIOS Name Service (NBT-NS).
Bluetooth and NFC
- Monitor connections using these technologies. Do not accept unexpected Bluetooth pairing requests.
- Disable both Bluetooth and NFC (Near Field Communication) when not in use. Note: this will affect connectivity to smartwatches and other wearables. Disabling NFC will affect your ability to use apps like Apple Pay and Google Pay.
- It is important that you do not share sensitive information over these connections.
- Configure Apple’s AirDrop and Google’s Nearby Share to accept only connections from people in your contact list.
Additional resources
Want to learn more about how to protect yourself and use the technologies available on your devices? Check out these resources:
- Apple
- Android
- Windows
- General
Podcast
Have you heard about our podcast Data @ Rest? We’ll be discussing these tips in an upcoming episode. Subscribe on your favorite podcast service.