Monday, June 25, 2012

Mobile Device Security

Enjoy a guest post by UW-Eau Claire's Mobile Technology Specialist, Matt Sias, about security for mobile devices.

UW-Eau Claire is seeing a tremendous increase in usage of smart phones and tablets by students, faculty, and staff to access email and other web services. It is great to see people using these devices for school and work, as they are often times the best tool for the job. But using these mobile devices for both personal and professional purposes presents new and unique security challenges.

A recent study done by the security company Sophos found that 22 percent of all mobile phone owners have lost a phone in the past. An additional 12 percent have had a mobile phone stolen. And 67 percent admitted to not having a security lock on their phone. Since many mobile devices contain a great deal of sensitive personal and professional information, security and the risk of loss and theft become major concerns.

To be fair, in the information technology realm, security can be the enemy of utility. Here are some general recommendations for keeping the data on your mobile device secure without causing you too much trouble:

1. Make sure the data on your device is encrypted. Encryption will obfuscate the information on your device. If an information thief were to gain access to your device, they would be unable to decipher the stored data. Devices running iOS (iPads, iPhones, and iPod touches) are automatically encrypted. Most devices running Android must be encrypted by the owner. This can be done using third-party apps (such as Droid Crypt and AnDisk Encryption), or done through Android itself in newer versions. In order for encryption to be of any real use, though, you will also need to implement screen lock security.

2. Require screen lock security on your device. Most mobile devices, including iOS and Android, offer a variety of options for screen lock security, including passwords, PINs, and drawn patterns. Typically, the longer and more complex your passcode or pattern is, the more secure it will be. Realistically, no one wants to type in a long and complex password each time they access their mobile device. A four digit number or four point pattern is generally viewed as acceptable.

3. Enable a geolocation service on your device. Geolocation services allow you to see where, on a map, your device is at any given time. This can help you recover a lost or stolen device, as well as erase your personal data if your device is not recoverable. iOS devices can use a geolocation service through iCloud called Find My iPhone. Android devices can use third-party apps such as Plan B, Locate My Droid, and iHound.

4. Keep your device up-to-date with operating system and app updates. Updates for both iOS and Android are released from time to time. Third-party apps are often updated by their developers, as well. These updates often include enhanced security features or fixes for security vulnerabilities.

5. Be vigilant of phishing scams. Phishing is when someone attempts to trick someone else into giving up personal information. Phishing comes in many different forms on mobile devices, such as emails, text messages, and even phone calls. Never give out your passwords or other sensitive personal information through these media unless you are certain of the recipient.

6. Be prepared for viruses and other malware. Viruses are not quite as common on mobile devices as they are on computers, but they do exist. A variety of virus protection apps exist for Android (such as Lookout). Apple, however, does not allow antivirus apps in the iOS App Store. This means that extra care must be given when visiting untrusted websites, apps, or services.

7. Make regular backups of your mobile device. Hardware failure and software crashes can cause loss of your data, just like on a computer. iOS devices can be backed up onto a computer through iTunes or online through iCloud. Android devices can use a Google service to automatically back up settings and other files can be saved to your Android device’s SD card.

No comments:

Post a Comment