{"id":1070,"date":"2019-10-07T17:26:43","date_gmt":"2019-10-07T21:26:43","guid":{"rendered":"http:\/\/joindeleteme.com\/blog\/?p=1070"},"modified":"2019-10-07T17:26:43","modified_gmt":"2019-10-07T21:26:43","slug":"deletemes-best-practices-for-mobile-device-security","status":"publish","type":"post","link":"https:\/\/joindeleteme.com\/blog\/deletemes-best-practices-for-mobile-device-security\/","title":{"rendered":"DeleteMe&#8217;s Best Practices for Mobile Device Security"},"content":{"rendered":"\n<div class=\"wp-block-rank-math-toc-block uk-card-default uk-padding\" style=\"font-size:16px\" id=\"rank-math-toc\"><h4>Table of Contents<\/h4><nav><ul><li><a href=\"#1-use-the-tools-the-device-manufacturer-and-phone-carrier-provide\">1. Use the tools the device manufacturer and phone-carrier provide<\/a><\/li><li><a href=\"#2-enable-two-factor-authentication-2-fa-for-all-online-accounts\">2.  Enable two-factor authentication (2FA) for all online accounts<\/a><\/li><li><a href=\"#3-encrypt-your-data\">3. Encrypt your data<\/a><\/li><li><a href=\"#4-avoid-apps-from-unknown-vendors\"> 4. Avoid apps from unknown vendors<\/a><\/li><li><a href=\"#5-keep-your-phone-up-to-date\">5. Keep your phone up-to-date<\/a><\/li><li><a href=\"#6-be-leery-of-any-file-sharing-via-text-messaging\">6. Be leery of any file-sharing via text messaging<\/a><\/li><\/ul><\/nav><\/div>\n\n\n\n<p>Until fairly recently, there was a disconnect between the way many users treated security of personal computers versus their portable devices.\u00a0 PC\u2019s receive antivirus applications, firewalls, layers of advanced network permissions, and many users have developed relatively sophisticated attitudes towards email-communications, encrypting sensitive attachments, and becoming more cognizant of phishing techniques.<\/p>\n\n\n\n<p>Mobile devices, on the other hand, spent much of the past decade being treated blithely, with little real concern for device security other than a 4 digit password.&nbsp; Application level security remains rare. Behavior is generally far more risk-tolerant, particularly with permissions granted to unsigned applications, and file-sharing via chat or cloud applications undeservedly treated as risk-free.<br><\/p>\n\n\n\n<p>This is changing, but slowly.&nbsp; The most recent generation of smartphones has made fingerprint authentication near-universal, and network carriers are being more proactive in providing customers protections against unsolicited communications.&nbsp; However, significant weak-spots remain in device security, particularly in how user information is concentrated and shared by applications in ways not transparent to the end-user.&nbsp;&nbsp;<\/p>\n\n\n\n<p>Here are some tools and tips DeleteMe recommends for users wanting to improve mobile-device security, and general recommendations for best-practices in daily usage:<br><\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"1-use-the-tools-the-device-manufacturer-and-phone-carrier-provide\"><strong>1. Use the tools the device manufacturer and phone-carrier provide<\/strong><\/h4>\n\n\n\n<p>Too often people disable features already available to them within the settings of their devices, and resort to third-party \u2018security\u2019 applications written by some unknown 3<sup>rd<\/sup>-party provider.&nbsp;&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Ensure lock-screens require both PIN # and fingerprint or facial-recognition unlock.&nbsp;&nbsp;<\/li>\n\n\n\n<li>Create stronger passwords than minimum required.&nbsp;&nbsp;<\/li>\n\n\n\n<li><a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.digitalcitizen.life\/how-change-or-remove-sim-pin-android-2-steps\" target=\"_blank\"><strong>Utilize the SIM-card lock feature on Android phones<\/strong><\/a> which requires re-entering passwords for accessing stored data; this will protect against anyone simply stealing the card itself and bypassing phone-based security features.<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"2-enable-two-factor-authentication-2-fa-for-all-online-accounts\"><strong>2.  Enable two-factor authentication (2FA) for all online accounts<\/strong><\/h4>\n\n\n\n<p>Especially for core services like personal banking, peer-to-peer payments, social-media, and your <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.google.com\/landing\/2step\/\" target=\"_blank\"><strong>Google account<\/strong><\/a> and <strong><a href=\"https:\/\/support.apple.com\/en-us\/HT204915\" target=\"_blank\" rel=\"noopener\">Apple-ID<\/a><\/strong>, make sure you are using the extra-layer of security provided by two-factor authentication.&nbsp;&nbsp;Here\u2019s a helpful rundown <strong><a rel=\"noreferrer noopener\" aria-label=\"of online services offering 2FA (opens in a new tab)\" href=\"https:\/\/www.theverge.com\/2017\/6\/17\/15772142\/how-to-set-up-two-factor-authentication\" target=\"_blank\">of online services offering 2FA<\/a><\/strong> to protect people\u2019s accounts, and here is a list of <strong><a rel=\"noreferrer noopener\" aria-label=\"financial services providers  (opens in a new tab)\" href=\"https:\/\/twofactorauth.org\/#banking\" target=\"_blank\">financial services providers <\/a><\/strong>and their 2FA offerings<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"600\" height=\"382\" src=\"https:\/\/joindeleteme.com\/wp-content\/uploads\/2019\/10\/shutterstock_597295343.jpg\" alt=\"Use two factor authentication to improve Mobile Device Security\" class=\"wp-image-1078\" srcset=\"https:\/\/joindeleteme.com\/wp-content\/uploads\/2019\/10\/shutterstock_597295343.jpg 600w, https:\/\/joindeleteme.com\/wp-content\/uploads\/2019\/10\/shutterstock_597295343-300x191.jpg 300w\" sizes=\"(max-width: 600px) 100vw, 600px\" \/><figcaption class=\"wp-element-caption\"><br><\/figcaption><\/figure><\/div>\n\n\n<p><\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"3-encrypt-your-data\">3. Encrypt your data<\/h4>\n\n\n\n<p>Some new phones current encrypt data by default, but many devices in use still only make this available via options in settings.&nbsp; Here are step-by-step guides to confirm data-encryption for both <strong><a rel=\"noreferrer noopener\" aria-label=\"Android (opens in a new tab)\" href=\"https:\/\/www.androidauthority.com\/how-to-encrypt-android-device-326700\/\" target=\"_blank\">Android<\/a><\/strong> and <strong><a rel=\"noreferrer noopener\" aria-label=\"iPhone (opens in a new tab)\" href=\"https:\/\/usa.kaspersky.com\/resource-center\/preemptive-safety\/iphone-encryption\" target=\"_blank\">iPhone<\/a><\/strong> users.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"4-avoid-apps-from-unknown-vendors\"><strong> 4. Avoid apps from unknown vendors<\/strong><\/h4>\n\n\n\n<p>While iOS apps are generally safe because of Apple pre-screening, Android apps are provided directly by a range of independent, unverified 3<sup>rd<\/sup>-party vendors.&nbsp; Google has recently made efforts to mitigate risks by developing <a href=\"https:\/\/www.android.com\/play-protect\/\" target=\"_blank\" rel=\"noopener\"><strong>Google Play Protect<\/strong><\/a> \u2013 an app-screening service that scans for any risky features or malware included with downloaded apps.<\/p>\n\n\n\n<p>But even when a 3<sup>rd<\/sup> party app may not have any malicious intent, they can create security vulnerabilities via a combination of unneeded permissions and non-essential network communication (often to deliver targeted ads).<\/p>\n\n\n\n<p>Spend some time researching applications and their vendors before installing them on your phone.&nbsp; Additionally: delete any legacy applications you don\u2019t find yourself using anymore.  <\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"5-keep-your-phone-up-to-date\"><strong>5. Keep your phone up-to-date<\/strong><\/h4>\n\n\n\n<p>One of the biggest mistakes some people make is disabling automatic software updates in order to prevent unplanned large downloads from hitting their monthly data usage.&nbsp; Make sure to regularly check for OS updates and do so as soon as possible after they become available.  Most updates include fixes for specific security-risks.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"6-be-leery-of-any-file-sharing-via-text-messaging\"><strong>6. Be leery of any file-sharing via text messaging<\/strong><\/h4>\n\n\n\n<p>While sharing photos with friends and family is routine daily behavior, attachments via SMS are almost entirely without any sort of security-protections, and should never be used for any sensitive information.&nbsp; In general delete any unsolicited SMS attachments without reading, and routinely clear your own text-messaging history.<br><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Until fairly recently, there was a disconnect between the way many users treated security of personal computers versus their portable devices.\u00a0 PC\u2019s receive antivirus applications, firewalls, layers of advanced network permissions, and many users have developed relatively sophisticated attitudes towards email-communications, encrypting sensitive attachments, and becoming more cognizant of phishing techniques. Mobile devices, on the [&hellip;]<\/p>\n","protected":false},"author":12,"featured_media":1072,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[26],"tags":[],"class_list":["post-1070","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-privacy-tips"],"acf":[],"_links":{"self":[{"href":"https:\/\/joindeleteme.com\/wp-json\/wp\/v2\/posts\/1070","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/joindeleteme.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/joindeleteme.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/joindeleteme.com\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/joindeleteme.com\/wp-json\/wp\/v2\/comments?post=1070"}],"version-history":[{"count":0,"href":"https:\/\/joindeleteme.com\/wp-json\/wp\/v2\/posts\/1070\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/joindeleteme.com\/wp-json\/wp\/v2\/media\/1072"}],"wp:attachment":[{"href":"https:\/\/joindeleteme.com\/wp-json\/wp\/v2\/media?parent=1070"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/joindeleteme.com\/wp-json\/wp\/v2\/categories?post=1070"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/joindeleteme.com\/wp-json\/wp\/v2\/tags?post=1070"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}