Saturday, August 21, 2010

Lock Down: My Mobile Security Basics

As technology progresses and the masses start adopting it into their daily lives; we see another side of society start popping up.  Malware, trojans, spyware, and fraud websites have become a part of our digital life. With the recent explosion of the mobile world, more and more us now carry tons of our personal data and information with us on our phones.  In turn, we put ourselves more at risk of losing such data.

Today's post will outline a few of my basic security practices for mobile users.  Lets get started!

Setup a lock password / phone password

If you value your data, a lock password or phone password is the first security measure to take!

Ideally, a secure/strong password should be used but any password is better than no password.  Using a non-alpha/numeric character greatly increases the strength of your password.  Don't use 1234 or 1111 or 2222 type of patterns.

iPhones and Android phones also have an automatic device wipe after a 10 consecutive invalid password entries.

Wipe your screen!

Recently security experts have noted how touchscreen devices could reveal users passwords by the finger smudges left by entering in the passwords.  If you use a gesture/pattern password (Android) or have a touchscreen device; just wipe your screen on your pant pocket before you put it back in.  Easy and one less possible way to lose your data if you lose your device.

Don't follow links from emails to login pages

If you receive an email from you bank about your password or account needing changes, always go directly to the site in your browser.  Phishing scams are very popular these days and the scammers are getting better at masking the fake emails to look like official ones from your bank/paypal/etc accounts. Report such emails to your bank to help them.

Encrypt your phone's storage and sd card (if possible)

One of RIM's and Blackberry's biggest selling points is the fact that it does encrypt the phone's storage and you can also encrypt your memory cards contents too.

On your Blackberry, go to Options > Security > General Options.  Enable Content Protection.

To encrypt/secure your memory card, go to Options > Memory. Encryption mode: Security Password and Device and also Encrypt Media Files: Yes.

iPhone and Android devices don't have a true encryption method yet as of this post. There are a few ones that encrypt specific file types but not the whole device.

Disable your Bluetooth Discovery / Change the Root/SSH password

If you jailbreak your iPhone, it is always recommended to change the default root password. The easiest method to do this on your iPhone is to download TheRock app from Cydia (TheRock is another application store for jailbroken iPhones) and it will prompt you to change the root password.  You can also do this via an SSH client from your pc too.

If you use Bluetooth on your phone, be sure to disable Discovery mode when your not pairing devices. Software exists that lets a hacker connect to your phone and browse its file system.  Disabling Discovery mode will prevent this and also save a little battery life too.

Wrap up...

Hopefully these few basic security tips will help the mobile user start a more secure digital life. Like most things in life, use your common sense.  If something doesn't seem right, investigate it.  If something sounds too good to be true, it most likely is.