Security for mobile phones and tablets
Basic advice for securing smartphones and tablet devices.
The most likely things that go wrong with mobile devices are:
- they break: your best protection is to have a backup
- they are lost: protect from this by always locking them, having a backup, and configuring "find my device"
- they are stolen: as above, always lock them, have a backup, and configure "find my device"
- someone uses one of them without your knowledge or authoristaion: always lock them, it's better if you also encrypt them
Protecting the devices
All it takes is a single accident where your device slips out of your pocket or briefcase at a restaurant or on public transport, and your data could land in the hands of someone who will use it maliciously. Cross links to how to protect in each of these situations is given here:
Encryption on smartphones
For details on how to encrypt smartphones and similar devices, follow the link below.
Anti Malware on smartphones
There is a great deal of conflicting advice out there on the need for an anti malware solution for mobile devices.
With recent developments such as mobile specific adware, the use of more advanced trojans and cryptocurrency mining attacks making their way to mobile the narrative is slowly moving towards the acceptance of anti malware software on mobile devices.
You probably need some sort of security app on your smartphone or tablet, because there are security vulnerabilities in these devices. But how likely you are to be faced with malware and what your options are for protection depend greatly on your device.
The university does not have a preferred solution for anti malware on mobile, but we ask that you bear some things in mind when looking for a potential anti malware solution:
- Are there any reviews on them from tech sites/media? Are they well respected?
- Where is the company based? What permissions will their app require?
- What additional features does the app have? Do you want or need them?
Using these devices at work.
If you use a mobile device or tablet for work, you need to conform with University policies for protecting information. Even if you own the device yourself, you may not own the University information that it contains, or has access to. If the device has access for example, to your University email, it makes sense to apply the basic protection of locking with a PIN, and encrypting the device. Follow the guidance shown above to protect the device.
Other advice for mobile phones and tablets
Other things you should consider, but specific web pages have not yet been prepared to describe these in more detail include:
- Before you dispose of it, or give it away or sell it, securely erase all its content first
- Know what you're downloading. Only download Apps from reputable developers and sources.
- Keep all software up to date, including the operating system and installed Apps.
- Don't share your device with other people, or at home.
- Do not "jailbreak" or "root" your device. It bypasses the manufacturer's protection mechanisms and can leave your device insecure.
- Disable services such as Bluetooth if you are not using them. This limits the options available for hacking into your device.
- If you use it for work, follow the BYOD policy. (See Related Links.)
Bring your own device (BYOD) to work policy