The Cybersecurity & Infrastructure Security Agency (CISA) released guides to help users improve mobile device cybersecurity. A guide for consumers may be accessed by clicking here and a guide for organizations may be accessed by clicking here.
The guides suggest the following actions:
- Keep your device up to date. Enable automatic operating system updates to fix security flaws.
- Update apps. Enable automatic app updates to ensure the most current security
- Use strong authentication. Enable devise authentication and set strong login passwords.
- Enable two-factor authentication.
- Practice good app security. Disable third-party app stores which can spread malware.
- Delete unneeded apps. Periodically review and delete apps that are no longer used or needed.
- Minimize PII in apps.
- Grant least-privilege to all apps.
- Allow location access only when using an app.
- Disable unneeded network radios.
- Avoid public Wi-Fi.
- Install security software.
- Use only trusted chargers and cables.
- Enable lost device function to wipe the device after a certain number of incorrect logins.
- Beware of phishing attacks and don’t click on questionable links.