Mobile Security “Average” Practices

Someone Entering Username and Password on Mobile PhoneThere have been a few articles over the past week describing some general suggestions on protecting mobile devices. Coincidentally, I’ve been doing some research on advice we could provide “average” everyday iPhone users on this topic and these articles confirmed much of what I’ve found. Yeah, we could consider using one of the newfangled commercial MDM solutions but for Mom and her personal iPhone this probably isn’t an option.

Below you’ll find my favorite suggestions in priority order with some commentary. Note as with the original articles I’ve kept these suggestions high level as to not focus on any specific platform. That will be coming in a later post…

Configure to Lock Automatically & Require a Password to Unlock: I’m fairly paranoid so I configure it to lock after 5 minutes. And of course I use the password option versus a PIN. Some devices might not support passwords so you may unfortunately be stuck using a PIN. Pair this capability with a password/PIN-based failure auto-wipe feature and you should be good to go. Another great nugget of info encompassed in this suggestion is to set a PIN on your connected voicemail account to avoid being murdoched.

Regularly Back Up Your Data: This suggestion is especially important if you are using the password/PIN-based failure auto-wipe feature mentioned above. For most platforms just periodically syncing should take care of this for you. Be sure to also protect your backups as well … possibly encrypting them if your software supports that capability.

Accept All Mobile OS Patches: Whenever Apple, Google, or whoever puts out those patches, get them applied as soon as possible. It’s as simple as that…

Only Buy Apps from Recognized App Stores: Definitely a good starting point but I would also be cautious as malicious apps periodically do get through their vetting processes. If the app looks too good to be true … then it probably is. As with the OS, apply any app patches or updates as soon as possible.

Do Not Jailbreak Your Device: Yeah, you’ll loose out on doing a few cool things but for your average user I think using the built-in capabilities and sanctioned apps should be fine.

Monitor Bills for Irregular Charges: Although this isn’t directly something you do on or with the phone, this suggestion is the Mom-equivalent of reviewing those logs.

Some of the other tips that I thought were out of scope for this article included thinking twice about accepting app permissions (I don’t think most people even know what all the options are), employing security policies to protect employer-issued devices, being mindful of employees introducing personal devices into the office, and remembering that mobile devices are tiny handheld PCs (um … ok).

For additional details on each of these suggestions check out the following two articles.

And don’t forget … I’ll be putting out a post soon specifically for iPhone users so be on the look out for that.


So what do you think? Is the prioritization right given the “Mom” use case? Are there any other tips we should add? Also the post photo is by Which Mobile. See ya!

7 comments for “Mobile Security “Average” Practices

  1. September 22, 2011 at 12:42 am

    #NOVABLOGGER: Mobile Security “Average” Practices

  2. September 22, 2011 at 7:00 am

    #novablogger Mobile Security “Average” Practices

  3. September 22, 2011 at 8:39 am

    Mobile Security “Average” Practices <- Another overused term "Best Practices." 🙂

  4. September 22, 2011 at 3:45 pm

    Any other "average" mobile security practices?

  5. September 22, 2011 at 11:35 pm

    A collection of some basic mobile security practices I’ve been collecting.. More to come..

  6. September 23, 2011 at 12:13 pm

    In case you missed it: Mobile Security “Average” Practices #novablogger

  7. September 24, 2011 at 12:36 am

    Mobile Security “Average” Practices

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.