Mobile devices are a lucrative opportunity for bad actors not just for your personal info, but can also be an entry point into the organization you work for. While your organization may have even basic cybersecurity measures implemented for your desktop devices and network, your mobile devices have similar vulnerabilities WITHOUT strong security defenses. You have a responsibility to yourself and to your organization to mitigate these risks. Here are five ways to more secure mobile devices.
- Lock Device with A Passcode – If you lose or leave your device otherwise unattended, it is critical that it is protected with a passcode. One of the simplest yet most effective security measures is to set a strong passcode with a unique combination of letters and numbers where possible or use biometric authentication like fingerprint or facial recognition. This ensures that only authorized users can access your device.
- Disable WiFi Auto-Connect. While it may seem convenient to allow your phone to auto-connect to WiFi, it can pose security risks. Cybercriminals can set up rogue WiFi hotspots with names similar to legitimate networks to trick your device into connecting to them. Disable this feature by turning off WiFi auto-connect in your device settings. Manually connect to trusted networks only and use a Virtual Private Network (VPN) if you need to connect to public WiFi. Employing a VPN adds an extra layer of security by encrypting your internet traffic.
- Use Secure Messaging Apps. Sensitive business discussions over mobile devices may be unavoidable if you travel frequently or work remotely but traditional text messaging has several vulnerabilities. There is no encryption so messages can be easily intercepted and read by someone with the technical know-how and there is limited authentication of who you are communicating with because phone numbers can be spoofed by bad actors. To prevent potential breaches of confidential information, use secure messaging apps (like Signal or WhatsApp) that offer end-to-end encryption and additional security features.
- Report Smishing Text Messages. “Smishing” is a form of phishing conducted via text messages. Cybercriminals send fraudulent messages to trick users into revealing sensitive information or clicking malicious links. Just like within your emails, you must inspect links within text messages. Avoid clicking on links from unknown senders or messages that seem suspicious and learn how to inspect the link on your device without clicking through it so you can inspect it. If you receive a suspicious text, report it to your mobile carrier or relevant authorities to help prevent further attacks.
- Routinely Review Loaded Apps. There’s no reasonable way to inspect all code included in the apps you use on your mobile device, but in addition to having access to your device features, usage, and data, they could also include security gaps. Verify apps through reviews, set your apps to auto-update so you get critical security patches, restrict app access to only essential features and data, and revoke any unnecessary permissions. Regularly review the list of apps and uninstall any unused apps to help reduce potential security vulnerabilities.
October is National Cybersecurity Awareness Month. Follow along with us as we highlight ways to establish a strong security posture that will help protect your organization. Want to check on your security posture? Start with our FREE cybersecurity self-assessment.