Mobile Device Security
- Configure your mobile device to require a passcode to gain access if this feature is supported by your device.
- Avoid storing sensitive information. Mobile devices have a high likelihood of being lost or stolen. Avoid using them to store sensitive information (e.g. passwords, bank account numbers, etc.). If sensitive data is stored, then encryption should be used to secure it.
- Keep your mobile device’s software up-to-date. Mobile devices are small computers running software that needs to be updated just as you would update your PC. Use the automatic updates option if one is available.
- Disable features not actively in use such as Bluetooth, Wi-Fi, and infrared. Set Bluetooth-enabled devices to “non-discoverable” when Bluetooth is enables.
- Delete all information stored on a mobile device before the device changes ownership. Use a “hard factory reset” to permanently erase all content and settings stored on the device.
- “Sign out” or “log off” when finished with an app rather than just closing it.
- Never click on suspicious links in emails, tweets, posts or online advertising. Links can take you to a different website than their labels indicate. Typing an address in your browser instead of clicking a link in an email is a safer alternative.
- Only give sensitive information to websites using encryption so your information is protected as it travels across the Internet. Verify the web address begins with https://. Some browsers also display a closed padlock.
- Do not trust sites with certificate warnings or errors. These messages could be caused by your connection being intercepted or the web server misrepresenting its identity.
- Avoid using public computers or public wireless access points for online banking and other activities involving sensitive information when possible.
- Always “sign out” or “log off” of password protected websites to prevent unauthorized access. Simply closing the browser window may not actually end your session.
- Be cautious of unsolicited phone calls, emails, or texts directing you to a website or requesting sensitive information.
General PC Security
- Maintain active and up-to-date antivirus protection provided by a reputable vendor. Schedule regular scans of your computer in addition to real-time scanning.
- Update your software frequently to ensure you have the latest security patches. This includes your computer’s operating system and other installed software (e.g. Web Browsers, Adobe Flash Player, Adobe Reader, Java, Microsoft Office, etc.)
- Automate software updates when the software supports it to ensure it is not overlooked.
- If you suspect your computer is infected with malware discontinue using it for banking, shopping, and other activities involving sensitive information. Use security software and/or professional help to find and remove malware.
- Use firewalls on your local network to add another layer of protection for all the devices that connect through the firewall (e.g. smart phones, tablets, etc.).
- Require a password to gain access to your PC. Log off or lock your computer when not in use.
- Use a cable lock to physically secure laptop when the device is stored in an insecure location.
- Create a unique password for all the different systems you use. If you don’t then one breach leaves all your accounts vulnerable.
- Never share your password over the phone, in texts, by email, or in person. If you are asked for your password, it is probably a scam.
- Use unpredictable passwords with a combination of lowercase letters, uppercase letters, numbers, and special characters.
- The longer the password, the tougher it is to crack. Using a password with at least 8 characters exponentially strengthens a password.
- Avoid using obvious passwords such as:
- your name
- your business name
- family member names
- your user name
- dictionary words
- Choose a password you can remember without writing down. If you do choose to write it down, store it in a secure location.
Don’t cache (have the computer/device “remember”) your password. If the PC or device is stolen the thief only has to go to your “favorites” and will automatically be logged in.
To learn more about information technology security, visit any of the following websites: