Protecting Mobile Devices
As technologies advance, mobile phones, tablets and notebook computers are becoming more and more commonplace. Mobile devices (or mobile computing devices) are information systems capable of storing and processing large amounts of information without having a fixed physical location, and they can be carried around easily. Examples of mobile devices include smartphones, tablets, and notebook computers.
A stolen or lost mobile device with unprotected storage allows an attacker to access the data on it. If the device is infected with malware, it may lead to hidden use of premium services, or leaking sensitive information. Here are some general tips for maintaining the security of your mobile device.
When configuring your mobile device
Turn off location services setting in your mobile device if it is not necessary to run location-based application.
Do not jailbreak the mobile device (to override usage and/or access limitations).
When using your mobile device
Protect your online user account that handles sensitive data with a strong authentication mechanism, such as two-factor authentication, if available. You may also visit Handling User Accounts & Passwords for more tips on user account security.
Do not leave a mobile device unattended, even for a moment.
Do not process sensitive data in the mobile device unless with encryption feature on or secure end-to-end connection.
Do not open or follow links in messages or email from misleading URL, suspicious or un-trusted sources.
Do not download or accept programs and content from unknown or un-trusted sources.
Be cautious when connecting to publicly available Wi-Fi hotspots, and avoid access sensitive data unless with adequate security protection.
When backup data in your mobile device
Assess the security risks before synchronising data to cloud services and adopt adequate security measures, such as avoiding automatic backup/ synchronisation of sensitive data to cloud services.
Turn on the encryption option in the backup/synchronisation software for storing the data in encrypted mode if available.
Make sure the backup copies are encrypted no matter stored in desktop PC or in removable media.
When disposing your mobile device
Completely clear all data and settings on your mobile device before disposal.
At all time
Keep your mobile devices in a secure place, especially when not in use.
Stay alert on security vulnerability on mobile devices, and apply the latest patches and fixes when available.
Do not install illegal or unauthorised software on the mobile device.
Do not allow wireless connections from unknown or un-trusted sources on your device.
Related topic(s):