Protecting your mobile device
Why do I need to be concerned about security on my smartphone or tablet?
Smartphones and tablets are essentially mobile computers they allow you to access the internet and email, download applications and games and store photos, videos and your personal information on them. Therefore it is important to realise that you need to protect and secure your phone just as you would your home computer or laptop.
The many features and functions that make your phone ‘smart’ also make it susceptible to malicious software like viruses and trojans. If your phone is not secure then it could be damaged by malware and viruses. Also the compact and mobile nature of your phone makes it much easier to lose or have it stolen. If it is lost or stolen then someone could access the information stored on it, this could be your own personal information or it could be confidential Trinity data which you have an obligation to protect.
What should I do?
In order to protect your phone or tablet and the data stored on it you should have a look at the security features that are available in your phone. All phones should have security settings though the exact options available will differ depending on manufacturer, model and software version.
Below is a guide to some of the general security settings that you should consider, and at a minimum we advise that everyone perform steps 1 & 2:
- Most smartphones and tablets have functionality to allow users to set a password or Personal Identification Number (PIN) on the phone that I is then necessary to know in order to access the phone. This is the most effective simple security measure that you can utilise to minimise loss and disruption in the event that your phone or tablet is lost or stolen.
- Most devices can be configured to automatically lock if your phone has not been used for a set period of time 5mins etc. In conjunction with step 1 an automatic lock is a very strong control to have in place to prevent unauthorised access to your data.
- Just as you are required by the manufacturer of your desktop or laptop computer operating system to update the software running on it so phone and tablet manufacturers regularly issue updates to the software on your phone, some of these updates may be fixing known security problems so you should make sure to regularly update the software on your phone.
- Some phones or tablets allow you to encrypt your data, sometimes this functionality is built in and sometimes third-party software is available. It is always desirable to encrypt data on a mobile device as encryption secures your data if your device is lost or stolen.
- Utilise any remote tracking facility or remote data deletion option on the device if available. This type of service will give you piece of mind in the event that the device is lost/stolen
- Disable Bluetooth when it is not actively transmitting information and switch Bluetooth devices to hidden mode Bluetooth lets you wirelessly connect to devices and transfer information over short distances. For Bluetooth to work, devices need to see each other and then connect. It is best to leave your phone in undiscoverable mode (hidden) so that it is only visible when you specifically need other people or devices to see it. This means that hackers cannot easily see your phone and attempt to connect to it
- Delete all information stored in a device prior to discarding, exchanging or donating it to charity. In particular you should remove any Trinity Wi-Fi or email settings you have stored.
- Know how to report lost or stolen devices immediately. If you lose your device then it may be possible to remotely wipe personal data from it. For example, staff would be able to make use of a feature through the staff Exchange email service to remotely wipe the device. For more information please contact the IT Service Desk.
- When connecting to the internet using Wi-Fi on a mobile device always try to use an encrypted network that requires a password and which you are sure is operated by a reputable provider. Configure your settings so that that your phone asks permission to join a new wireless network.
- Devices which cannot be securely configured should not be used to store confidential information whether that is your own private personal information e.g. bank account details, credit card numbers or confidential Trinity documents which you may be entrusted with in the course of your employment in Trinity.