Are you confident your mobile devices are secure?
If you've just bought a new device, or haven't looked at your security settings for a while, you should take some time to make sure you're protected against the latest cyber threats.
While mobile devices like smartphones, tablets and laptops are getting more secure, cyber criminals are using more sophisticated methods to attack.
An example of these is smishing where a fraudulent text message is sent to someone’s mobile phone, asking them to call a phone number or click on a web link, with the aim of persuading them to share their personal /financial details or make a false payment.
What is mobile device security?
Mobile device security refers to the security measures taken to protect your private data stored and transmitted on your mobile devices. Good security measures should prevent unauthorised users from accessing these devices without your knowledge and consent.
Examples of mobile devices that require this type of protection include:
-
Smartphones
-
Laptops
-
Tablets
-
Wearables e.g smartwatches and other portable devices that require a connection to the Internet
Pocket Guide to Mobile Device Security
Read our collection of hints and tips to help secure your devices and the data stored on them if they're lost or stolen, and to prevent them from being hacked. Step by step tutorials on how to configure these security settings are detailed below -
Download
Pocket guide to mobile device security V.1 (PDF 1.7 MB)
Setup the screen lock on your device
Each time you turn on your device or wake up the screen, you’ll be asked to unlock your device, usually with a PIN, pattern or password or even your fingerprint.
Set a screen lock on:
Android Device
Apple Device
Create a strong password using three random words
Weak passwords can be hacked in seconds. The longer and more unusual your password is, the stronger it becomes and the harder it is to hack.
Starting with your most important accounts (such as email, banking and social media), replace your old passwords with new ones. Just connect three random - but memorable - words together.
Create strong and unique passwords using three random words
The best way to make your password difficult to hack is by using a sequence of three random words you’ll remember - the longer the better. You can make it even stronger by including special characters and numbers.
For Example.
FriendsHippoMaze - Strong Fr1endsH!pp0M@ze – Stronger
Avoid using symbols in short common words e.g. P@$$W0rd1. The best approach is to replace your old passwords with new, more secure ones.
Save your passwords in your browser
Using the same passwords for all your accounts makes you vulnerable - if that one password is stolen, all your accounts can be accessed. It’s good practice to use different passwords for the accounts you care most about. Remembering lots of passwords can be difficult, but if you save them in your browser, you don’t have to.
Browsers are constantly being updated to keep sensitive personal data secure, so store your passwords in your browser when prompted; it’s quick, convenient and much safer than re-using the same password.
Passwords should only be saved in your own private browser - not on a shared or public computer.
How to save passwords in your browser:
Google Chrome
Microsoft Edge
Firefox
Safari
Turn on two-factor authentication
Two-factor authentication (2FA) is a free security feature that gives you an extra layer of protection online and stops cybercriminals getting access to your accounts - even if they have your password.
2FA significantly reduces the risk of being hacked by asking you to provide a second factor of information, such as getting a text or code when you log in, to check you are who you say you are.
Check if the online services and apps you use offer 2FA – it’s also called two-step verification or multi-factor authentication - and turn it on. Start with the accounts you use regularly and that matter most to you - such as your email, social media and online shopping.
How to turn on two-factor authentication (2FA) for: Email
Gmail
Yahoo! Mail
Outlook
AOL Mail
How to turn on two-factor authentication (2FA) for: Social Media
Instagram
Facebook
Twitter
LinkedIn
How to turn on two-factor authentication (2FA) for: Banking
Your bank automatically carries out an extra security check if you use online banking, so you don't need to turn this on yourself. However, you should check that your bank has your correct phone number so they're able to text a code to your mobile or call your landline to confirm it's you.
Update your operating system, apps and software
Cyber criminals exploit weaknesses in software and apps to access your sensitive personal data, but providers are continually working to keep you secure by releasing regular updates. These updates fix weaknesses, so criminals can't access your data.
Using the latest versions of software, apps and operating system on your mobile device can immediately improve your security. We strongly encourage you to update regularly, or set your phone or tablet to automatically update so you don’t have to think about it.
How to turn on automatic updates for:
SOFTWARE
Android - smartphone and tablets (opens in a new tab)
Apple - Mac (opens in a new tab)
Apple - iOS and iPad (opens in a new tab)
Microsoft - Windows 10* (opens your MS settings)
*Microsoft has stopped support for Windows Mobile and Windows 7 - if you are using these platforms you should upgrade to remain secure.
APPS
Google - Android (opens in a new tab)
Apple - iOS (opens in a new tab)
Turn on backup
If your phone, tablet or laptop is hacked, your sensitive personal data could be lost, damaged or stolen. Make sure you keep a copy of all your important information by backing it up regularly. You can choose to back up all your data or only information that is important to you.
How to turn on automatic back up on your device:
Apple - Mac
Apple - iPhone, iPad and iPod Touch
Google devices - Android
Microsoft - Windows 10 and 8
Review privacy settings
There are two main aspects of privacy that you need to review on your mobile device.
-
Browser privacy settings
-
App permissions
Browser privacy
Browsers have features in place to promote a better user experience, such as log history and use of cookies by third parties to promote other services and gather information on making services better.
While these can be used to improve a service they can be potentially harmful. We recommend that you review the privacy settings and make an informed choice on what should be in place and what shouldn't, depending on your preferences towards security and privacy, balanced with user experience on the sites and services you use.
How to set privacy settings in your browser:
Google Chrome
Microsoft Edge
Firefox
Safari (Mac)
Safari (iPhone)
App permissions
There are many sites offering the latest apps for your devices. Many of these are reputable but others can be harmful, containing malware that could compromise your device and steal your login information or data.
The best option is to download from trusted mobile stores such as Google Play or the Apple App Store, where a rigorous validation of the apps has been carried out.
Trusted app stores:
Google - Android (opens in a new tab)
Apple - iOS (opens in a new tab)
Secure use of public Wi-Fi
When you use a public Wi-Fi hotspot (for example in hotels or coffee shops), it's difficult to find out who controls or owns it. If you connect to a hotspot, somebody else could access what you're working on, or they could view your private login details of apps and web services while you're logged on.
The safest option is not to connect to the Internet using unknown hotspots, and instead use your mobile's 4G or 5G network, which will have built-in security. This means you can also use 'tethering' (where your other devices such as laptops share your 4G or 5G connection), or a wireless 'dongle' provided by your mobile network.
How to set up a personal mobile hotspot:
Apple (iPhone/iPad)
Google (Android)
If you need to connect to public Wi-Fi, you should consider using Virtual Private Networks (VPNs), a technique that encrypts your data before it is sent across the Internet. You should only use VPNs provided by reputable service providers.
There are two types of VPN service - personal and business. Both work in a similar way by providing an encrypted tunnel through the Internet to a break out destination.
A personal VPN is mainly used by individuals to provide an element of privacy and allows you to break out of the Internet at a different location across the globe thus providing an element of privacy. There are many companies providing these.
The other type of VPN is used mainly for business and allows a secure connection back to an office location, allowing you to secure encrypted access to your business applications and data.
Find a lost device
The Find My Device or Find My (Apple) is a useful option in case you lose your phone, tablet or smartwatch. Once activated, you can use this function to locate your device. If you are worried about sensitive data on your device, you can also erase it remotely using this service.
How to turn on Find My Device / Find My Phone for:
Android
To find, lock, or erase an Android phone/device, it must:
Be turned on
Be signed in to a Google Account
Be connected to mobile data or Wi-Fi
Be visible on Google Play
Have Location turned on
Have Find My Device turned on
Step by step instructions to turn on Find My Device for Android
Apple (iOS)
Apple user can use the Find My App. After you have set up Find My, you can locate a lost or stolen device or even help a friend find their missing device.
Step by step instructions to turn on Find My Device for Apple
Microsoft Windows 10
Find My Device is a feature that can help you locate your Windows 10 device if it's lost or stolen. To use this feature, sign in to your device with a Microsoft account and make sure you're an administrator on it.
Step by step instructions to turn on Find My Device for Microsoft
Resources
Pocket Guide to Mobile Device Security