Carnegie Mellon University

6 digit phone passcode screen

April 22, 2020

Keep Your Mobile Devices Secure

Mobile devices, such as a smartphones and tablets, aren’t exempt from cybercrime. When a mobile device is connected to the Internet, the user of that device faces the same threats as a desktop computer user. Fortunately, you are not powerless when it comes to cyber threats. Taking a few preventative measures will go a long way in stopping a cyber-attack before it begins. In order to protect yourself from mobile device threats, keep the following tips in mind.

  • Keep Software and Apps Updated: As flaws are constantly being discovered, vendors update their applications and software regularly. Software updates often include fixes to security vulnerabilities. For peace of mind, enable automatic updates so that software and applications are updated as soon as a new version is released.
  • Use Strong Authentication: Be sure to set a 6-digit pin or long and complex password for your devices. Biometric such as face recognition or fingerprint scanning can add security as well as convenience to the authentication process. Strong authentication makes it difficult for someone to access the device's stored or accesible content if it is lost or stolen. 
  • Beware of Unfamiliar Apps: Companies such as Apple and Google attempt to screen contributed apps as much as possible. However, malicious apps still appear in app stores from time-to-time which can cause a spyware infection, ransomware infection, and data leakage. To protect yourself, be cautious of apps with limited reviews, apps that are rarely updated, and third-party apps that are not a part of the official app store. Simply plugging the app developer's name into a search engine could help raise red flags on suspicious software.
  • Review App Permissions: Apps sometimes request more permissions than necessary, like location services. Make sure apps only have access to features they need. If an app does require the use of location services, configure it to only run when using the app.
  • Use Secure Wi-Fi Networks: Public hotspots and free Wi-Fi networks are inherently insecure and should be avoided. These open networks allow a criminal to spy on your online activity and leave you vulnerable to an attack. If connecting is necessary, avoid logging into key accounts and financial services. Additionally, turn off the automatic Wi-Fi connection feature to ensure you are not unknowingly connecting to a malicious network.
  • Configure Remote Lock and Data Wipe: Most mobile devices have a built-in service that you can enable that will allow you to lock your device and erase all of the data on your phone from a remote location. This can help protect your personal information stored on the phone when a device is lost or stolen.
  • Beware of Vishing and Smishing Attacks: Attackers use a variety of methods to get users to download malware or reveal personal information. Be wary of unsolicited calls or SMS text messages from organizations requesting personal information or directing you to click on a link. Verify any suspicious messages, calls, or emails before reacting by contacting the supposed sender directly through a trusted channel. Check out the Phishing page for more information on these types of attacks.

Your mobile devices are powerful tools that should be used and enjoyed without worry. Just following these few simple steps can go a long way to keep you and your devices secure. For more ways on securing your devices, visit the Protect What You Connect homepage.