How-to: Mobile Device Security

While mobile devices are some of the most convenient, on-the-go technologies in everyday use, they are also among the most vulnerable channels for leaking confidential information. Secure your mobile devices by following the recommendations below.

Secure Settings

---

Password-protect your devices

iOS:

• On iPhone X and later, go to Settings > Face ID > Passcode. On earlier iPhone models, go to Touch ID > Passcode.
• On devices without Touch ID, go to Settings > Passcode > Turn Passcode On.
• NOTE: iPhone passcodes can be bypassed with USB devices, disable this setting by going to Settings > Face ID & Passcode  or Settings > Touch ID & Passcode > Toggle off USB Accessories.

Android:

• Open the Settings app > Tap Security & location. (If you don’t see Security & location, tap Security.) > Tap Screen lock > Tap the screen lock option you’d like to use > Follow the on-screen instructions

---

Use biometric protection on your devices (if available)

iOS:

• For FaceID: Go to Settings > Face ID & Passcode. If asked, enter your passcode and tap Set Up Face ID.
• For Fingerprint Scanning: Go to Settings > Touch ID & Passcode, then enter your passcode and tap Add a Fingerprint.

Android:

• If your device has a fingerprint scanner or retina scanner, please search your device’s user manual for instructions on how to enable.

---

Always install the latest software updates

Note: If your device cannot update or patches cannot be installed, you may consider getting a new device.

iOS:

• Tap Settings > General > Software Update > Download and Install.

Android:

• Open Settings > About Phone > Check for Updates. Depending on your device’s OS, you’ll see either Install Now, Reboot and install or Install System Software. Tap the option you see. The update will install and your phone will reboot.

---

Set your apps to automatically update

iOS:

• Tap Settings > [your name] > iTunes & App Store > Turn on Updates.

Android:

---

Be sure that your device and apps are only tracking your location when you want them to be.

iOS:

• Go to Settings > Privacy > Location Services > Check each app

Android:

---

Be sure your apps are only using necessary permissions

iOS:

• Go to Settings > Privacy > and click each utility to review

Android:

• Go to Settings > Apps > Configure Apps > App permissions.

---

Disable automatic connections to open Wi-Fi

iOS:

• Go to Settings > Wi-Fi > toggle off Ask to Join Networks.

Android:

• Go to Settings > Wi-fi > toggle off

---

Turn off Bluetooth when not in use

iOS:

• Go to Settings > Bluetooth > toggle off

Android:

• Go to Settings > Wireless & networks > Bluetooth > toggle off.

---

Set up location and remote wiping capability in the case that your device is ever lost or stolen

iOS:

• Go to Settings > Apple iCloud (your name) > iCloud > Find My iPhone.

Android:

• Download Find My Device from the Google Play store. Go to Settings > Security > Find My Device > turn on Allow remote lock and factory reset AND remotely locate this device

---

Hey Siri/Ok Google is always actively listening through the microphone. Disable while phone is locked.

iOS:

• Go to Settings > Siri & Search > toggle off Listen for Hey Siri AND Allow Siri when phone is locked.

Android:

• Go to Google app > Menu > Settings > Voice > “Ok Google” Detection > toggle off Say Ok Google any time

---

Enable warnings when visiting a fraudulent website

iOS:

• Go to Settings > Safari > toggle on Fraudulent website warning.

Android:

• Turned on by default

---

Set your screen to automatically lock after 30 seconds

iOS:

• Go to Settings > Display & Brightness > Auto Lock > tap on the timing you prefer (30 seconds recommended).

Android:

• Go to Menu > Settings.If you don’t see Settings,tap More > Screen or Display > Timeout or Screen Timeout > select 30 seconds.

---

Limit AirDrop to contacts only (iOS devices)

iOS:

• Unlock your device and swipe up from the bottom of the screen to access Control Center. On iPhone X/XR/XS (Max), swipe down from the upper-right corner of the screen. Touch and hold the Airplane Mode, Cellular Data, Wi-Fi and Bluetooth section > tap AirDrop > Choose Contacts Only.

---

Install a security app on your mobile device (predominantly Android devices)

Android:

• Tap the Google Play Store > Search “Malwarebytes” > tap Install > Accept > tap on app once installed and set-up.

---

---

Secure Practices

• Avoid charging mobile devices via USB port in public locations (public charging stations, airports, coffee shops, etc.) as your data can be compromised
  • Tip: Data blocker apps can protect against this and can be found online.
• Never enter or send sensitive or confidential information while on public wi-fi (e.g., entering passwords, inputting credit card information, etc.)
• If you send sensitive information via text message, be sure to use secure messaging apps such as Signal or WhatsApp. Using these apps will encrypt your messages.
• Be mindful of where you view sensitive information. If you’re in a public location where people can look over your shoulder, avoid viewing sensitive or confidential information.
  • To find out what qualifies as sensitive or confidential information, visit Confidential and Sensitive Information.
• Be cautious when connecting your phone via Bluetooth or USB to a rental car as information may be stored onto the cars entertainment system.
• Be sure to only download legitimate apps from well known, trusted app stores.
  • Check for ample reviews of app
  • Beware of apps asking for unnecessary permissions