Securing Mobile Devices
Much important information is kept on handheld mobile devices: smart phones, tablets, etc. The same guidelines for protecting confidential information apply to these devices as to personal computers. It is particularly important to protect confidential information on handhelds because they are at great risk of loss or theft.
- If you don't need to have the confidential information on the device, remove it.
- If you must have confidential information on the device, keep it encrypted or otherwise protected.
- Make sure to keep backups or any information on the device, so that if the device is lost, stolen, or damaged the data are not lost.
CIS cannot know and support every kind of mobile device, but we have experience with many different iOS and Android-based devices. Regardless of what type of mobile device you use, you should find appropriate ways to meet the guidelines above. Contact us with any questions you have.
Tips on Securing Your Device
Set an unlock code or passphrase. It's difficult – or often impossible – to prevent your mobile device from "remembering" the passwords you use for websites and email accounts. Your device should require a code or passphrase to gain access. If you don't need a code to get in, neither do the bad guys who may have just swiped your phone.
Set up your device to allow "remote wipe". For iPhones, iPads and iPod Touches, this can be done through Apple's Find my iPhone app. Android device owners can install similar apps from the Android Marketplace to recover or remotely wipe a device.
Configure your device to automatically erase itself after a set number of failed unlock attempts. iOS and Android devices offer this setting. If you choose to enable it, make sure your backups are current!
Securely Store Passwords. Passwords stored on your smartphone or tablet should be encrypted when possible. Secure password storage and synchronization to mobile devices is available with password management software, as mentioned on the CIS general password guidelines page. You'll still want that unlock code mentioned above, but a mobile password manager can provide added protection.