Mobile Devices Security Tips
As mobile devices are more widely used, applying good security practices when using those devices becomes critical. When a tablet, phone or laptop are lost or stolen, not only is any personal data at risk, but any KSC sensitive and confidential data stored on that device is at risk also.
Knowing good mobile device security practices before you begin using your mobile device is important. Here are some common best practices for securing the information stored on your device and how to protect it. Apply these best practices where applicable:
Mobile phones, tablets, portable storage drives, laptops:
Label your device with your name and a phone number where you can be reached.
Configure a passcode. This is required by KSC to gain access to and use the device. This helps prevent unauthorized individuals from gaining access to your data.
Set a screensaver timeout and enable the password lock-out feature so a password is required when returning from screensaver mode.
Install anti-virus software and keep all software up to date. This is the best defenses against viruses, malware, and other online threats.
Encryption: Devices which contain confidential or sensitive data must be encrypted. Use encryption or a Virtual Private Network (VPN) to protect sensitive data. Encryption offers protection by scrambling the data so only the owner of the key can read the data. A VPN scrambles the data as it is being transmitted back and forth between your mobile device and a server. Note that file and hard drive encryption mean that the data is stored on your mobile device, whereas with a VPN, the data is on a remote server. On the whole, it is better to leave the data on a server that is managed by a system administrator and use a VPN than to take the data with you and encrypt it on the device.
Physical locks should be used whenever the system is in one location for an extended period.
Only give your mobile number out to people you know and trust and never give anyone else's number out without their permission.
Look for Https://: Use only secure websites (https://) when banking or shopping on line. A secure website helps provide a more secure connection protecting this personal information.
Phishing: Does it sound too good to be true? Are they asking for your login information? Are they threatening to disable your service or access? Request for personal information is Phishing. Do not respond. No legitimate institution will ask for this information via email or text.
Use secure wireless. While using a public wireless networks at airports, bookstores, and coffee shops is convenient, it's also very dangerous. Using these public, insecure wireless networks makes it easy for someone to steal your data, or your identity. Use only secure wireless access points.
Bluetooth security. Set Bluetooth enabled devices to non-discoverable to avoid any unauthenticated access to your device.
Disable Unused features. Disable any features not currently in use, e.g. Bluetooth, WiFi, infrared.
Remote wiping. All major mobile devices have the ability to send a signal to the device that triggers the phone's software to delete any and all data stored on the device. When your phone is lost or stolen, wipe it.
GPS a double edged sword: GPS may be useful to locate a lost or stolen device, but it also could supply a record of your location 24/7.