Simple security tips for your Smartphone Part 3

28.10.2021

As one saw in parts 1 and 2, I came across 7 important pieces of advice.  

8. Use VPN for all network traffic

Most often, smart phones represent an important threat to the corporate network that should be secured regardless of the level of users.

Using a VPN solution against the Internet is more important than before. VPN means Virtual Private Network and works by encrypting the traffic you send and receive via your VPN provider. Therefore, the choice of VPN provider is important, and crucial for how secure the VPN solution is. Use a VPN solution from a reputable provider, preferably a centrally procured VPN solution that is managed by your IT department.

VPN is also used to provide access to your business network and services from the internet.

9. Be careful when using Bluetooth and turn it off when not in use

Bluetooth can easily connect a connection between a phone, tablet, or PC to other wireless devices such as headphones, hands-free devices or a smartwatch. A Bluetooth connection can transfer data between your mobile device and other devices. To prevent possible information leakage, turn off Bluetooth when not in use. Be restrained and careful to connect your device to devices you do not trust.

Note that the Bluetooth connection to the entertainment and navigation system of a car may transmit contact information and phone calls to the car computer. These can be difficult to delete. If you have borrowed or rented a car, you should not connect your devices to the car.

Only activate Bluetooth when you need it. Avoid connecting to devices you do not own (such as rental cars) and remember to turn the Bluetooth OFF after use.

10. Sharing data with direct wireless connection

There are several direct wireless connections that can be used when sharing data between different mobile devices. These are known by the names of the suppliers' specific solutions.

Sharing data directly between mobile devices can often be better than other sharing services that go through the internet and perhaps via a cloud solution. This is because the possibility for others to eavesdrop on communication is reduced. When using sharing services, be aware that they must be deactivated (OFF) immediately after the transfer. This also applies to the use of Bluetooth (see recommendation no. 9).

Use a solution that is encrypted and verifies that you are connecting to the correct other mobile device. Set settings so that you only allow sharing with devices that are in your contact list.

11. Give apps minimal access to microphone, camera, and location data

A phone, tablet, or PC can register where you are. It can reveal where you work, where you live and which locations you visit, even if you do not use the navigation app.

You should exercise great caution and restraint in giving apps access to your device's microphone, camera, and location data (GPS). Unwanted access to these functions can have major consequences for the security of the device's environment and the user's privacy, e.g., by hidden recordings and tracking of movement patterns.

You should therefore regularly check that apps' access to microphone, camera and location data is set to a strict minimum. Be especially careful with social media apps, as these often require more access than many users strictly need for their regular use.

12. Only install necessary apps and prefer known and trusted sources

You should exercise caution and restraint when installing apps. Each additional app installed on the device can potentially reduce the security of the device. We are talking here about snooping on local data, causing data leaks against the internet, weakening the privacy of you as a user and increasing the risk of misuse of the device's microphone and camera to eavesdrop and make your surroundings visible.

Malware, spyware, and other malicious applications often come through unofficial distribution channels. Only install applications from official libraries from the vendor. Never install apps that come from an unknown service or apps that require security settings to change to install them.

You should therefore only install apps that you really need, and then prefer apps from known and trusted sources. You should be especially critical of apps that request personal information and access to data in public clouds.

13. Distinguish between work and private life

Remember that both your private, personal data and information from your job can be sensitive and valuable. For example, if you lose your phone, you may lose private pictures and other data stored there. Mixing private and work-related accounts and features therefore increases your mobile vulnerability.

Use as few personal accounts as possible, and do not use the mobile device as a permanent storage for private data. Back up your personal data from your phone, tablet, and PC so you do not lose anything in the event of a loss.

Consider using one phone for work and another phone privately.

I have here shed light on security measures that the individual user can implement themselves. These user measures are necessary for the solution to achieve good security.

If you are a high-risk industry, this does not hold. Then it will be good to think about security programs installed on Smartphone in addition to many other security measures centrally.

Various sources that have been used include IBM and NSM