Securing your Mobile Computing Device
Recommended Security Steps for All Mobile Devices:
- Set a passcode on either your mobile phone handset or on the SIM card (refer to your phone manual)
- Apply Physical security - unattended cars, airports or other public places are targets for thieves
- Record the 15-digit IMEI (International Mobile Equipment Identification) number of your mobile phone handset. Use your phone keypad and press *#06# on your phone to display the IMEI (used if lost/stolen)
- Keep the firmware version of your phone updated (refer to your manual for procedures)
- Erase all SCU and personal data from mobile devices before asset decommissioning. Refer to your device manual or contact the Technology Services Helpdesk for data erasure assistance.
Staff Mobile Usage and Tips for Overseas Travel Usage
Checking Data Usage: You can check your Telstra data usage by texting "M" to 176 86
iPhone/iPad Device Security Recommendations which Technology Services can assist with. Technology Services recommends to apply the security steps recommended above plus:
- Disable data roaming when overseas unless you are intentionally using data roaming through Telstra
- Set "Ask to Join" wifi network setting as ON
- Set device to delete data if passcode attempted incorrectly 10 times
- Disable Bluetooth unless using intentionally
- Enable "Find my iPhone" App Find My iPhone
Overseas Voice and Data Usage Options
Voice Call Options: Call rates and SMS costs vary depending on country visited.
This link provides further information: Telstra Voice and Data Roaming Guide
Data Roaming with Telstra: Data roaming via the Telstra service is expensive ($15 p/Mb). An international data roaming pack will provide a very limited 60Mb each month for essential email viewing or light surfing
Data Roaming with Wireless Hotspots: Options includes using wifi at airports, hotels, Internet cafes, or using EDU institutions wireless (EDUROAM).
Data Roaming with a local SIM: It is possible to buy a SIM from each country visited and this is a cheaper alternative for data roaming than Telstra, however this would involve purchasing, setting up the SIM on the iPhone/iPad and may require technical expertise to setup.
Recommendations for Data: It is recommended to use wireless hotspots wherever possible, bearing in mind that these are not always highly secure. Use Telstra's data roaming sparingly as costs are prohibitive, data usage can be viewed on mobile devices if required.
Mobile Phone Security Resources
Windows Mobile Security - Provides basic guidance on accessing settings in Windows Mobile for security
iPhone Security - Provides a comprehensive guide to securing your iPhone. Click on "Download CIS Benchmarks Here". You will need to enter required information at the top of the page, click on the box next to "Apple iPhone Benchmarks", accept the Terms of Agreement and then download the document titled "Security Configuration Benchmark For iPhone".
Blackberry Security - Provides a comprehensive enterprise and consumer guide to Blackberry security, including helpful consumer FAQ
Nokia Security - Provides basic information on mobile viruses and malware
Australian Government Mobile Phone Security Fact Sheet - Offers some simple security tips to help secure your phone, child safety checklist, and what to do if your mobile phone is stolen.
NIST Guidelines on Cell Phone and PDA Security - Provides a broad yet comprehensive guide to securing your mobile phones and PDAs, including threats and safeguards
The below are further optional security steps which are applicable to most mobile devices:
- Encrypt secure data on your phone. Encryption can be applied to both the removable memory card and integrated phone memory. On some phones it is possible to also set a passcode on the memory card (refer to your manual for procedures on encryption and data passcodes)
- Activate phone disable mode via SMS on your phone if it is lost or stolen (refer to your manual for procedures on this)
- Learn how to activate remote wipe of data if your mobile phone is capable of this in case of theft or loss of phone (refer to your manual for procedures on this)
- Turn off non-essential services (refer to your manual for procedures on WiFi auto-join, bluetooth, VPN, SSH, etc)
- Disable or enable Internet browser settings as required (refer to your manual for procedures on javscript, plugins, autofill, fraud alert etc)
- Set auto lockout on your phone if available (this will lock the screen after a defined period of inactivity)
- Use anti-virus software on your phone, such as Symantec anti-virus for mobiles
- If your phone has a default password for SSH, change this (for example on iPhones the default password is Alpine for SSH)
Laptops are subject to both theft (due to their portability) and misplacement as they are often used in travel. Staff and students are requested to take additional safety precautions with laptops when traveling. A stolen laptop represents not only a financial loss, but could also represent a significant security risk depending on the information stored on the laptop.
- Laptops are able to be physically secured to desks by cable and padlock style security measures if deemed necessary
- Laptops and netbooks are able to be password protected, so that as soon as they are switched on a hardware based password is requested (before Windows os MacOS begins to load). Using this password stops unauthorised users from accessing the laptop, but they can still steal the hard drive. Also if this password is forgetten there is no easy work around and the machine may have to be sent back to the supplier or worse, discarded.
- Data, including individual files, folders or even entire hard drives, can be password encrypted. So even if the hard drive is stolen or lost, encrypted files cannot be accessed easily.
Contact your local Service Desk for further information.
Updated: 23 April 2012