Protecting your mobile device

Five tips that will protect your mobile device

A cybersecurity spring cleaning checklist should include your mobile device. Here are five things you can do to manage your device’s cybersecurity risks.

Mobile devices play a large part in today’s business environment. Smartphones, laptops, and tablets make work accessible outside of the office but introduce risk. Companies and individuals who do not have good cybersecurity hygiene are jeopardizing information that could hurt the organization. Consider implementing these practices into your mobile device usage.

Securing your device

It is important to secure your device against cybersecurity risks, including access to data like pictures, finances, correspondence, or any information that could endanger you or your client’s business. Information in the wrong hands could lead to serious business consequences.

Use features such as strong passwords or a password manager, multi-factor authentication, or touch ID. They help protect your information in case devices are lost or stolen. Securing your device will keep sensitive material out of the wrong hands and keep your organization safer from hacking, extortion, and client data leaks.

Protect your data from apps and sites

Know what data is collected while using an app or visiting a website. The app or site may ask for your permission to monitor your location, allow browsing cookies (small data blocks), or access your contacts or camera. Granting these permissions can open your information up to various risks or unintended uses. Denying access when prompted should be your default option. Assess the benefit of enabling access against the risk of the information being used against your organization.

Another threat to look out for is fake apps on the Google Play store. Thieves’ versions look very similar to the actual app the device user is seeking. The goal is to get a user’s financial or other critical information. Thieves will then empty the user’s bank account or use the critical information for phishing purposes. Staying vigilant when using the Google Play store can safeguard your device.

Disable WiFi and Bluetooth

If you are not using WiFi or Bluetooth, disconnect them. When you are in the vicinity of certain stores with “Bluetooth beacons,” they are using your Bluetooth to tell if you have their app downloaded. The app then knows your location and will send you promotional material. These beacons are why you see ads for items you were recently looking at in the real world. Turning off your WiFi and Bluetooth when not using them is the only way to avoid this feature. You regain some control over your location and retail data by doing so.

Know your networks

Public wireless networks are not secure because they lack encryption. Encryption converts information or data into code to prevent unauthorized access. Without this feature, anyone on the public network could access your information or give you malware. The easiest way to manage this risk is not to use public wireless networks.

If you must use the public network, consider using a Virtual Private Network. A VPN will provide some safety when using a public wireless network. Avoid logging into key accounts like email and financial services if a VPN is unavailable. Companies that offer remote work should provide a VPN. Using the VPN will make your device safe, no matter your location.

Keep devices up to date

Software updates deliver security patches and fix previous bugs in the code. Keeping your devices up to date is vital to minimize the possibility of exploitation. To reduce malware risk, update web browsers, apps, software, and operating systems whenever possible. Most device software allows the user to set up automatic operating system and app-specific updates.

Think of unused apps as chinks in the armor. They can present a vulnerability if the app is never updated or exploited unbeknown to the user because they do not use it. Review the list of apps installed on your device and delete unused apps.

In summary

Periodically, perform a “spring cleaning” on your mobile device. Review your passwords, data permissions, device updates, and apps to see if your device is vulnerable. Keeping your device secured and up to date can help protect the information on your device.

For more information about device management and information security, contact Brian Johnson using the information below.

Brian Johnson

Senior Vice President
Technology Services

Brian joined AGH in 1992. He leads the firm’s technology services practice where he helps clients achieve measurable performance improvements through the delivery of specialized, competency-based information systems management, assurance, and advisory services. He has extensive experience in information security, network engineering, and solution development, with recognized specializations in governance, risk, control, and related consulting services.

Brian is a member of ISACA (previously known as the Information Systems Audit and Control Association), the Kansas Society of Certified Public Accountants (KSCPA), the American Institute of Certified Public Accountants (AICPA), the AICPA’s Information Management and Technology Assurance (IMTA) Section, and the Association for Supply Chain Management (ASCM). He is a Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in the Governance of Enterprise IT (CGEIT), Certified in Risk and Information Systems Control (CRISC), Certified Data Privacy Solutions Engineer (CDPSE), and Certified in Production and Inventory Management (CPIM).

Brian is also a Certified Public Accountant (CPA) and a graduate of Wichita State University, where he earned Master of Accountancy and Bachelor of Business Administration degrees.

Information security is more than technology, it requires educated staff.
See how we can help identify and mitigate your security vulnerabilities.