December 2017: Your Mobile Devices Won’t Secure Themselves!

Campus Security Awareness Campaign 2017
This post is part of a larger campaign designed to support security professionals and IT communicators as they develop or enhance their security awareness plans. View all 12 monthly blog posts with ready-made content by visiting www.educause.edu/securityawareness.

Mobile devices are everywhere — pockets, purses, nightstands, cars — and so are the security threats related to their use. Add to that the use of home networks, cloud backups, and the Internet of Things, and the risk escalates! Educate your end users about what they can do now to secure and protect their data and their devices, wherever they may be. To get started, customize and use the following ready-made messages for your community.

Get the Word Out

Newsletter or Website Content

Mobile security at one time meant using a laptop lock and keeping tabs on your phone. However, the growing capabilities and use of mobile devices — coupled with the ubiquity of smart devices stitched into the very fabric of our daily lives (figuratively and literally) — now require a more sophisticated defense-in-depth approach to match the growing threat. Following are a few things you can do to protect your devices and personal information on campus, at home, or at work.

  • Secure your devices with a strong password, pattern, or biometric authentication. Check the settings for each device to enable a screen-lock option. For home routers, reset the default password with a strong one.
  • Install anti-malware. Some software includes features that let you do automatic backups and track your device.
  • Check your Bluetooth and GPS access. Disable these settings on all devices when not needed and avoid using them in public areas.
  • Update your devices often. Install operating system and application updates when they become available.
  • Review phone apps regularly. Remove any apps you don’t use. Be selective when buying or installing new apps. Install only those from trusted sources and avoid any that ask for unnecessary access to your personal information.
  • Treat devices like cash! Don’t let your devices out of your sight or grasp. Maintain physical control of your device in public areas. Get a lock (alarmed is best) for your laptop and use it.
  • Keep it sunny in the cloud. Whether using Google Drive, Dropbox, OneDrive, iCloud, Amazon Drive, or any of the many cloud options, set privacy restrictions on your files to share them only with those you intend. Protect access to your cloud drive with two-factor authentication.
  • Create a secure wireless network. Configure your wireless router to protect your bandwidth, identifiable information, and personal computer. Secure it with proper set up and placement, router configuration, and a unique password, using the strongest encryption option. See http://www.wi-fi.org/ for more tips.
  • Protect your Internet of Things (IoT) devices. Are you sharing your livestreaming nanny cam with the world? Review privacy settings for all Internet-ready devices before connecting them to the web.
Wi-Fi poster graphic

Source: STOP. THINK. CONNECT. Wi-Fi poster

Figure 1. Use this image to support your message.

 

Social Posts

Note: These are Twitter-ready, meeting the 140-character length restriction.

  • Check your Bluetooth and GPS access. Disable them when not needed and avoid using in public areas. #MobileSecurity #CyberAware
  • Review phone apps often. Remove those you don’t use; take care when adding new ones. Why do they need your info? #MobileSecurity #CyberAware
  • Buy or install new apps only from trusted sources & avoid apps asking for unneeded access to personal info. #MobileSecurity #CyberAware
  • Keep it sunny in the cloud. Protect access to your cloud/online drive with 2-factor authentication. #MobileSecurity #CyberAware
  • Secure home Wi-Fi with proper set up & placement, router config, & strong encryption: www.wi-fi.org #MobileSecurity #CyberAware
  • Anti-malware for your smartphone? Yes! Some let you do auto-backups & track your device. #MobileSecurity #CyberAware

E-Mail Signature

Ask staff members to add a tip to their e-mail signature block and a link to your institution’s information security page.

Example:

Jane Doe
Chief Information Security Office
XYZ College

Protect your mobiles devices and personal info. Learn more. [Link “Learn more” to your institution’s information security awareness page or to these mobile device safety tips.]

Embed or Share Videos

Quick tips for mobile Internet use (0:30 sec)

Easy ways to protect yourself when using a mobile device (2:36 min)

PSA on the importance of passwords on mobile devices (0:32 sec)

Resources

Share these resources with end users or use them to inform your awareness strategy.


Brought to you by the Awareness and Training Working Group of the EDUCAUSE Higher Education Information Security Council (HEISC).

© 2017 EDUCAUSE. This EDUCAUSE Review blog is licensed under Creative Commons BY-NC-SA 4.0.