Mobile Security Guide

Best Practices

  • "US-CERT recommends the following best practices to help protect mobile devices:
  • Maintain up-to-date software, including operating systems and applications;  
  • Install anti-virus* software as it becomes available and maintain up-to-date signatures and engines;
  • Enable the personal identification number (PIN) or password to access the mobile device, if available; 
  • Encrypt personal and sensitive data, when possible;
  • Disable features not currently in use such as Bluetooth, infrared, or Wi-Fi;  
  • Set Bluetooth-enabled devices to non-discoverable to render them invisible to unauthenticated devices;
  • Use caution when opening email and text message attachments and clicking links;  
  • Avoid opening files, clicking links, or calling numbers contained in unsolicited email or text messages;  
  • Avoid joining unknown Wi-Fi networks;
  • Delete all information stored in a device prior to discarding it; and  
  • Maintain situational awareness of threats affecting mobile devices.  
  • Anti-virus software exists for some mobile devices, which is one component of a layered defense. However, it can only assist in protecting against known threats. Users need to understand the threats and proactively take steps to avoid them. A high degree of vigilance is necessary to successfully prevent and mitigate future threats to mobile devices."  

Source: US-CERT Technical Information Paper, TIP-10-105-01 April 15, 2010 [PDF]

MobileSecurityGuide.Mobi © 2014 Henry S. Markus, Seattle, WA, USA. All Rights Reserved.