Best Practices for Mobile Device Security

Posted by Linh Sithihao, Information Security Officer, UC Irvine Health. The ever increasing usage of mobile devices provides convenience to the workforce. However, cybercriminal activity targeting mobile devices and data privacy can have dire consequences, including tracking users, stealing mission critical data, and denying users access to their devices.

The mobile device can also be used as a launching pad for more lucrative attacks aimed at enterprise systems, social networks, and cloud platforms. The healthcare industry has seen 340% more security incidents than the average industry.

Users should be aware of four basic components of device security:

  1. Device auto-lock. Configure your device to lock automatically after a period of time. Only those with knowledge of the passcode can unlock the device.
  2. Device encryption. Protect your mobile device by preventing access from intruders, eavesdropping or interception of data in transit by using encryption technology.
  3. Remote wiping. Install remote locate, track, lock, wipe, backup and restore software to retrieve, protect or restore a lost or stolen mobile device and the personal data on that device.
  4. Device endpoint protection. Install anti-virus, malware detection tools, and update device application and operating systems.

Device Security

There are other best practices as well for securing mobile devices to protect your data and privacy against the growing threats:

  1. Do not circumvent or disengage security features such as passcodes and auto-locks.
  2. Set the device to lock after a set period of inactivity. A recommended inactive period setting is ten minutes or less.
  3. Ensure that you have GPS device location in the event of theft or loss.
  4. Use caution when downloading apps and free software, especially from unsanctioned online stores.
  5. Install an on-device personal firewall to protect mobile device interfaces from direct attack.
  6. Install anti-spam software to protect against unwanted voice and SMS or MMS communications.
  7. Install real-time anti-malware technology via cloud services that continually analyzes and re-analyzes websites and mobile applications. Protect against malicious applications, spyware, infected secure digital (SD) cards and malware-based attacks.
  8. Turn off “beaming” (infrared data transmission).
  9. Turn off the Wi-Fi when you’re not using it; and avoid using public, unsecured Wi-Fi hotspots.
  10. Before discarding any device, make sure it is wiped clean and restored to factory defaults.
  11. Threats to mobile devices are pervasive and escalating. Through malware, loss and theft, misconduct, and direct attacks, users are increasingly susceptible to devastating compromises of mobile devices.
  12. Don’t let your mobile devices be used by children, who frequently download cool-looking but unknown free apps that might be malicious.

Leave a Comment

Your email address will not be published.