(This video chapter begins at 09:22 and ends at 11:03. Click on the blue dot at the 09:22 timestamp to play the video for this module.)

Mobile Protection

It is just as important to protect your Smartphone as it is your computer. With phones having many of the same capabilities as computers, they are open to many of the same vulnerabilities that computers face. This module will discuss several small but effective steps to take to ensure mobile protection.

Our focus quote for this module:

“The beginnings of the hacker culture as we know it today can be conveniently dated to 1961, the year MIT acquired the first PDP-1.” –Eric S. Raymond

No Credit Card Numbers

Many times, it seems convenient to store credit card numbers on your phone so you have them at your fingertips and you don’t necessarily have to rely on your memory. But just as it is easy for you to access these numbers, it is easy for someone who means harm to access them.

If for some reason it is absolutely necessary for you to store this information on your phone, it is important for you to take extreme measures to make sure the data is safeguarded, such as tokenization and/or encryption.

Place Lock on Phone

Enabling a lock on your phone when not in use, and a pin or password to unlock the phone could help prevent unauthorized use of the phone. Just as we talked about in a previous module, if you set a password on your phone, it is important to create a strong password.

Keep these tips in mind when creating your password:

• Use a unique password for each of your accounts. Do not use one password for all of them.
• Ensure your password consists of letters, numbers, and symbols. This would make it harder for others to figure out.
• Avoid using common words or consecutive characters to make up your password (e.g., Do not use “password” as your password. Do not use a password such as Office111).

Don’t Save Passwords

When it comes to passwords, the ideal situation would be to remember them so there is no trail of what they are, which could make it easy for an unauthorized user to utilize them. But the fact is, most people have unique passwords for each account they have. Because of this, it may be necessary to use a back-up method in case they are forgotten. If this is the case, write them down and securely store them. Do not save them on your phone.

• Write them down and treat them as you would any other important documents by locking them in a safe or drawer that requires a key.
• Invest in a password manager service.

No Personalized Contacts Listed

You’ve created a lock on your phone and regularly lock it when it’s not in use. You quickly step away from your desk with your phone on it, and forget to lock it. Someone who doesn’t have permission to touch your phone decides to go through your contact list. John sees the name Bob Jones with “ABC Company Manager” in parentheses. John writes down Bob’s name and number and decides to use it to solicit Bob’s business.

This is one scenario of what can happen when your phone includes a personalized contact list. In this example, the result, while uncomfortable, is not an extreme situation. Just think what could have happened!

Practical Illustration

Delores and Earl have recently been given cell phones by their company to be able to conduct business while they are away from the office. Their manager encourages them to lock their phones each time they are not in use and make sure they memorize the password to unlock it. Delores tells Earl that she’s happy they have the phones because she can save her customers’ credit card information on it so she doesn’t always have to refer to her paper file when she needs to conduct a transaction for them. Earl states that it is best not to do that because if her phone gets hacked, the customers’ financial data may be compromised.