Security for mobile phones and tablets

Basic advice for securing smartphones and tablet devices.

The most likely things that go wrong with mobile devices are:

  • they break: your best protection is to have a backup
  • they are lost: protect from this by always locking them, having a backup, and configuring "find my device"
  • they are stolen: as above, always lock them, have a backup, and configure "find my device"
  • someone uses one of them without your knowledge or authorisation: always lock them, it's better if you also encrypt them

Protecting the devices

All it takes is a single accident where your device slips out of your pocket or briefcase at a restaurant or on public transport, and your data could land in the hands of someone who will use it maliciously. Cross links to how to protect in each of these situations is given here:

Backing up mobile devices

Locking your devices

Configuring "find my device"

Configuring a remote-wipe capability

Choosing devices wisely

Check Application Permissions

Encryption on smartphones

For details on how to encrypt smartphones and similar devices, follow the link below.

Encrypting phones and tablet devices

Anti Malware on smartphones

You probably need some sort of security app on your smartphone or tablet, because there are security vulnerabilities in these devices. But how likely you are to be faced with malware and what your options are for protection depend greatly on your device.

We have some general advice on anti-virus but the situation with smartphone and tablets can be complicated. Please bear some things in mind when looking for a potential anti malware solution:

  • Are there any reviews on them from tech sites/media? Are they well respected?
  • Where is the company based? What permissions will their app require?
  • What additional features does the app have? Do you want or need them?

Using these devices at work.

If you use a mobile device or tablet for work, you need to conform with University policies for protecting information. Even if you own the device yourself, you may not own the University information that it contains, or has access to.  If the device has access for example, to your University email, it makes sense to apply the basic protection of locking with a PIN, and encrypting the device. Follow the guidance shown above to protect the device. 

Other advice for mobile phones and tablets

Other things you should consider, but specific web pages have not yet been prepared to describe these in more detail include:

  • Before you dispose of it, or give it away or sell it, securely erase all its content first 
  • Know what you're downloading. Only download Apps from reputable developers and sources.
  • Keep all software up to date, including the operating system and installed Apps.
  • Don't share your device with other people, or at home.
  • Do not "jailbreak" or "root" your device. It bypasses the manufacturer's protection mechanisms and can leave your device insecure.
  • Disable services such as Bluetooth if you are not using them. This limits the options available for hacking into your device.
  • If you use it for work, follow the guidance on Bring Your Own Device.