Securing your mobile device

  • 5 minutes to read
  • Last updated January 25, 2016

Protecting your privacy with a mobile device

Here are some steps to make sure that your mobile device – and everything that’s on it – stays safe:
  • If your device is lost or stolen, your information goes with it and can potentially be viewed by unauthorized individuals.
  • Consider using encryption software if it is available for your device to prevent unauthorized access to your data.
  • If your device is lost or stolen contact your service provider as soon as possible. Your service provider may be able to disable or remotely wipe the device to prevent unauthorized access or remove the data stored on the device. In the case of theft contact your local police agency as they may be able to work with your service provider to track and recover your device if reported promptly.
  • Location services are often used by apps to provide directions, or “check you in” to your local coffee shop, store, or other locations and share that information on various social networks. Not all apps need this data to function, and the ones that do should cearly explain how your location data will be used.
  • Location services can often be disabled entirely or allowed on an app by app basis. Consider disabling this service or limiting which apps can access the service.
  • Doing so does not prevent your service provider or law enforcement from using your location information.
  • Is the WiFi you’re using secure? It’s often impossible to know. If you’re not sure, don’t use your handheld device or limit your use of it.
  • Have an iPhone? Use WiscVPN with it to provide another layer of security and protection, especially when you send sensitive information. VPN encrypts data while in transit, both through regular and wireless networks. – Also see the Bluetooth reference below. Bluejacking is a common attack where someone will use another person’s Bluetooth-enabled device to send spam. This can lead to phishing attempts and the spread of malware or viruses.
    • When you use a browser over a WiFi hot spot that might be unsecured, look for the closed padlock icon and “https” in the Web address.

 

Bluejacking is a common attack where someone will use another person’s Bluetooth-enabled device to send spam. This can lead to phishing attempts and the spread of malware or viruses.

In addition to SIM cards and removable memory, most devices have some amount of internal memory. Even if you believe you have deleted all of your personal information, photos, messages, and contacts, some information may still be stored on the device in locations you missed or are restricted by the manufacturer. Consider taking your device to your service provider or dealer to be wiped and reset to factory defaults.

  • Use a passphrase or biometric login instead of a passcode. It should auto-lock after 3-5 minutes of inactivity. Direct on how to change that setting if needed.
  • Install and keep updated only the apps that you have validated and are using – “Keep your apps clean”
  • Use a VPN on public wireless – see how to install WiscVPN
  • Know what data is being shared with apps –  search for Apple and Android guides to determine what data is being shared with apps.
  • Know how to report and mitigate a lost or compromised device – See: “How to wipe your phone from O365.”

Protecting your mobile device

  • Be sure to use a strong and unique passcode or pattern sequence.
  • Most smartphone users do not have a password lock on their phones when they turn them on or wake them from sleep mode, according to security vendor Symantec. That widespread lack of security makes any mobile device a tempting target for thieves or nosy neighbors.

That includes both the operating system and the apps running on your device. Updates often provide enhancements to prevent malicious attacks.

  • Official app stores are more likely to screen for malicious, counterfeit, or otherwise shady apps and you are much more likely to be notified if you have downloaded a suspect app than if you use other download sites.
  • Official app stores also tend to have stricter guidelines as to what sort of apps can be uploaded as well as how they interact with the device and collect information about users.
  • Applications sometimes contain viruses or malware that can steal any important information on the phone. Even the official app stores sometimes offer malicious apps that slip through their screening process.
  • Be sure to read the user agreements and research the information an app has access to. Many apps collect information about the user for marketing purposes, diagnostics, or as part of the service they provide. This could include everything from your contact list to your physical location. This information may be stored or distributed to third parties by the app developer, as well as stolen or intercepted by unauthorized users.

This refers to modifying or hacking your device to use features or install apps that are restricted by your service provider. Not only does this violate the terms of service of most device manufacturers, it potentially exposes your device to greater harm from malicious apps.

Many mobile devices have the ability to be synced and backed up to your personal computer, or even the cloud. Apple/iOS and Google/Android provide such service. Loss, damage, and even software updates can potentially cause you to lose all of your data. If you don’t have a back-up your important phone numbers, favorite photos and other data could be lost forever.


If you have questions on any of these steps, contact the DoIT Help Desk or call (608) 264-HELP (4357).