Best Practices for Mobile Device Security

Summary

Mobile devices and tablets run applications to perform a variety of functions. These device functions range from operations as simple as web browsing and e-mail to more complex functions, like multimedia editing and file access. They can connect to wireless networks and can often include the ability to connect directly to cellular data services, even when outside the range of a Wi-Fi signal. This article covers best practices for mobile device security.

Body

Mobile devices and tablets run applications to perform a variety of functions. These device functions range from operations as simple as web browsing and e-mail to more complex functions, like multimedia editing and file access. They can connect to wireless networks and can often include the ability to connect directly to cellular data services, even when outside the range of a Wi-Fi signal. This article covers best practices for mobile device security.

The portability of these devices allows you to access information and systems that would otherwise be unavailable outside of the office setting.  While these devices can be powerful tools, it is important to remember that they will not replace your computer and we do not recommend relying on such devices for access to Ithaca College systems such as Parnassus or HomerAdmin.

Audience

Everyone

Platforms

Apple iOS, Google Android, Windows Phone

Best Practices

  • Set a lock screen passcode to deter others from accessing your phone.
  • Configure auto-lock, which will lock your device after inactivity for a given period of time, usually a few minutes. This can prevent access to others if you leave your device on.
  • Physically secure your device.  Even with passcodes and auto-locks configured, preventing others from physically accessing your mobile device is the only way to ensure the security of your device and data. 
  • Store current backups of your device via manually syncing or cloud-based backup solutions. Having a backup can help prevent data loss in the event of loss or damage to your mobile device.
  • Know your wireless connection.  Connecting to open, unsecured networks can put you at risk. Only connect to familiar open, unsecured networks and use password protected, secure networks when possible. Consider using a VPN.
  • Turn on device encryptions. If your device is encrypted and you lose it, whoever has your phone cannot access your data. iPhones and iPads are always encrypted by default and this cannot be disabled. For Android and Windows devices, consult your manufacturer.
  • Know your applications.  Some applications may access your data, use your location information, and connect with other services such as social network sites. While many applications perform these actions to provide a better, more personalized service, you should be aware of what these applications are accessing and how the developer is using this information. Applications that use location based information may also affect your device’s battery life. 
  • Update the operating system and apps regularly to improve the stability, performance, and security of your device. Keeping your device up-to-date will promote proper device operation.
  • Configure remote wipe capabilities.  Having the ability to remotely delete the data on your device can help protect your data if your device is lost or stolen.
  • Report stolen or lost devices as soon as you are aware that your device is missing or has been stolen.  It is useful to know your device’s serial and IMEI number in the event of theft.
  • When discarding a device, be sure to erase all data.  Do not sell, trade-in, or recycle a mobile device before erasing all of the data stored on the device. Refer to the device manual for instructions on how to completely erase the device.

Details

Details

Article ID: 92
Created
Fri 8/4/17 9:11 AM
Modified
Thu 10/29/20 10:01 AM