Mobile Security Tips for End Users

In a mobile world, it is important to conduct a risk analysis of whether a person may be a target of an attack on their phone. Here are some steps one can take to reduce the exposure to phone-based attacks, depending on the level of risk...

Share This Post

Share on facebook
Share on linkedin
Share on twitter
Share on email

Mobile Security Tips for End Users

In a mobile world, it is important to conduct a risk analysis of whether a person may be a target of an attack on their phone. A number of vulnerabilities have been utilized over the years, such as Pegasus, that allow for remote access to phones; all the end user has to do is click a bad link, and the threat is placed on their phone. Your personal information will be compromised, and if you use it for work, your company’s information is now at risk too.

Here are some steps one can take to reduce the exposure to phone-based attacks, depending on the level of risk…

Procedural Security: Reduce the amount of information that could be stolen

  • Minimize the amount of private information stored on the phone (email, texts, photos, passwords, documents, etc.)
  • Minimize the amount of private information conveyed during phone calls.  Use coded language where necessary
  • Minimize the phone’s automatic authenticated access to other data sources (email, VPN, finances)
  • Don’t take the phone into private meetings where there is a concern for eavesdropping
  • Cover the cameras when not in use


Technical Security:
Reduce vulnerability to attack by malware

  • Keep phone OS up to date
  • Don’t click on untrusted or shortened web links
  • Disable WiFi and Bluetooth when not specifically in use
  • Avoid use and installation of 3rd party apps where possible
  • Don’t use a business phone for personal use, and vice-versa
  • Factory reset the phone (re-install phone OS) on a regular schedule
  • Install reputable endpoint protection software


Physical Security:
Keep the phone within your control

  • Don’t leave phone unattended or in control of anyone else (conferences, hotel rooms, federal buildings, office, car, etc.)
  • Turn phone off near security checkpoints
  • Ensure your phone is locked and that access requires fingerprint versus password access
  • Don’t publicize your phone number beyond those you trust
  • Use a second phone for travel to risky geographies and leave the primary phone at home. Leave second phone turned off when not in use.
MobileSecurity_Technium

9 Tips To Decrease Your Security Risk

When you make changes within your organization, remember that you’ll need to make changes to your cyber security program too. Review these tips to be sure you’re doing all you can to decrease your risk.

Read More »

Security is a Team Sport

When IT professionals are faced with safeguarding their business’ digital infrastructure they are flooded with options leaving most people overwhelmed and in more of a quandary of when then started. So how is one to choose?

Read More »
MDR_Technium

The Intricacies of MDR

MDR sounds simple; it is only three letters, so how complicated can it be? The answer to this may surprise you. Managed Detection and Response (MDR) is more than just overseeing what’s happening in your environment.

Read More »

Penetration Testing 101

Penetration testing (or pen testing) is a process by which software is utilized to probe a network and its elements for security risks. The job of security is always to focus on reducing the attack surface. Pen testing is what allows you to do this.

Read More »

9 Tips To Decrease Your Security Risk

When you make changes within your organization, remember that you’ll need to make changes to your cyber security program too. Review these tips to be sure you’re doing all you can to decrease your risk.

Read More »

Security is a Team Sport

When IT professionals are faced with safeguarding their business’ digital infrastructure they are flooded with options leaving most people overwhelmed and in more of a quandary of when then started. So how is one to choose?

Read More »
MDR_Technium

The Intricacies of MDR

MDR sounds simple; it is only three letters, so how complicated can it be? The answer to this may surprise you. Managed Detection and Response (MDR) is more than just overseeing what’s happening in your environment.

Read More »

Penetration Testing 101

Penetration testing (or pen testing) is a process by which software is utilized to probe a network and its elements for security risks. The job of security is always to focus on reducing the attack surface. Pen testing is what allows you to do this.

Read More »