Mobile Device Security Best Practices - Comptia a+ 220 - 802 - 3.3
Tip: Highlight text to annotate itX
Our mobile devices have some significant security risks.
They're mobile, so we take them everywhere.
And they're small, so they're very easy to lose or misplace.
And we keep such private and confidential information on
these mobile devices.
And we also need to think about how we
secure them as well.
A good security best practice for our mobile devices is to
configure a pass code lock.
That way, when we leave our phone somewhere and someone
picks it up, they would not be able to gain access to the
data unless they knew that passcode lock.
You get to decide how complex you would like this pass
phrase or this code to be.
On some devices, you can do a simple four digit pin.
On other devices, you may want to add a pass phrase.
And still on other mobile devices, you move your finger
around the screen in a certain pattern, and that's what
unlocks the device.
Another nice feature of these pass code locks is that there
is a penalty for a certain number of failed attempts.
For instance, in iOS, you can configure the phone to wait
for 10 failed attempts.
And after you have 10 of those in a row, the phone will
delete everything on it.
And that way even if you never regain access to the phone,
you at least know that all of the data will be erased if
somebody's trying to hack into it.
On an Android device, it's configured to lock the device
completely and you have to give your Google username and
password, which of course should be a lot harder to
guess than something like a passcode lock.
None of us like losing our mobile phones, but fortunately
there's some technology inside of the device itself that can
help us get it back.
And one of those is the built in Global Positioning System--
the GPS.
These devices will usually integrate with a map and give
you an idea of where your phone might be located.
There are also a number of location helpers, like Wi-Fi
networks or triangulation of the mobile provider antennas
that can help us get a little bit closer and put an icon
right on a map that tells us here's where your phone
happens to be located.
Something that I'll use even in my own home, is I'll go to
this map front end in my browser and tell
it to play a sound.
And my mobile device then rings very loudly.
Even if it's configured on mute, it will then make a
noise so that I can figure out where it happens to be can
also display a message on the screen as well.
And finally, you can tell the mobile device, I'm never going
to find you.
I have no idea where you are.
Please nuke everything on the phone.
Erase all of the data whatsoever.
That way, even if I'm never able to find it, it will have
none of my personal data on it.
Well, if we lose our phone and we have to delete everything,
it would be nice to have a backup that we could then buy
a new device and restore all of our data onto that.
One of the challenges, of course, is that this is a
wireless device that is constantly moving.
And we're always changing and updating the information
that's inside of that device.
One of the very common ways to then back up this data is to
back it up to the cloud.
There are services that are available on the internet that
will back up our data and store it as we're moving
around throughout the day.
This is a constant backup.
We don't have to push a button and tell it to back up.
We don't have to remember to back up this information.
It is always being updated with what the latest
information might be.
And it's not using any wires.
We don't have to take it to a computer.
We don't have to plug it in.
It's simply backing up remotely all over those
wireless networks that we're using all the time.
The advantage here is that if we lose our device and we have
to buy a new device, we simply configure it
with that cloud login.
And it will then begin downloading all of our
information.
This may take quite a bit of time to finally download all
of the things that we need, but we know that it's all on
the cloud, and we can at least get all of our information
back, even if something was to happen to that mobile device.
With millions of mobile devices out there, the bad
guys know that you have some pretty confidential and
important information that you're storing.
And they've already created the malware to try to extract
that information from your phone and put it into the
hands of those bad guys.
This is where the different philosophies between iOS and
Android really shows some significant differences.
With iOS, it is a completely closed environment.
Apple doesn't allow you to put an application on a third
party website and download that application and load it
in your phone.
This is a very closed environment.
Everything goes into the Apple App Store and you can only
download and run applications if Apple has approved those
applications.
Malware, therefore, has to find some other way in.
They can try to sneak through the app store, but they're
probably not going to be able to do that.
Instead, they've got to find some type of operating system
vulnerability, and that's much more difficult than trying to
have somebody download an application from a website.
Obviously, one of the advantages of Android is that
it's a very open operating system.
I can go to any website and download any application and
run it on my Android device.
Unfortunately, that means that I can download malware and run
it on my Android device as well.
It's very easy for malware to find its way
into the mobile device.
Fortunately, the applications run in what we can effectively
think of as a sandbox.
Applications don't have complete access to everything
in the operating system.
They can't access your contacts unless you allow that
application to access your contacts.
They can't access your mail unless you tell the mobile
device to allow that application
to access your mail.
So even though you may have downloaded and run the
malware, at least we know that it can't access things that we
haven't specifically given it permission to.
One way to keep the bad guys from using those
vulnerabilities to get into your mobile device is to
always have the latest operating system running on
that mobile device.
Just as you update the operating system and the
capabilities of your desktop computer, you need to update
the operating system and capabilities of your mobile
devices as well.
These updates maybe things like device update security
patches, to make sure that all of the
vulnerabilities are covered.
Any time there is something identified as a security
problem, the manufacturer will create a patch and allow you
to update your operating system.
Maybe there's new features and you want to take advantage of
those new features.
You'd have to update the OS to be able to use those.
You don't want to get behind on these.
Once the bad guys know about a vulnerability, they will
immediately try to take advantage of that.
Because they know there will be a delay as people update
their operating systems.
So to avoid that, make sure that you're always up to date
when a new patch comes out.
Make sure you load it as soon as possible
onto your mobile device.
