• Home
• About Us
  • The Company
  • Philosophy
  • The Group
  • Why TomK Consulting?
  • Staff
  • The VRM Consultants
  • Photo Galleries
• Our Services
  • Consulting Services
  • Featured Services
    • Enhanced Internet Reliability
    • Proactive Systems Management
    • Systems Audit Service
    • Systems Documentation
    • Systems Reliability Bundle
• Testimonials
• Newsletters
• Partners
• Contact Us
  • Privacy Policy
  • Sitemap

July 2013 IT Business Consulting Newsletter

Protect Your Mobile Identity & Secure Your Mobil Devices

By Tom K

If someone gains access to your mobile device, they potentially have your identity. They can be YOU via email, text, Twitter, and Facebook.

If you use your mobile devices for business, they can also impersonate you via your business email account. Furthermore, they now have full access to all your saved business email, and might have access to your corporate resources.

Not good!

In this month’s newsletter I show you how to protect your mobile identity and how to secure your mobile devices. I also discuss methods to recover mobile devices gone missing.

Protect Your Mobil Identity

Your mobile devices have access to many of the things that define your identity, and probably have shortcuts set up to automatically authenticate your identity. Your email, texts, Twitter and Facebook accounts tell the world who you are and what you think. Many folks set up shortcuts on their mobile devices to “remember” their IDs & passwords for multiple account access.

If someone picks up your phone or tablet, and you don’t have a passcode or security lock set, they immediately become you. They have access to everything that is you on your device. They can send anything to anyone and it will appear to have come from you. This can really mess with your life!

If you haven’t done so already, set a passcode lock on all your mobile devices. Do it NOW!

Apple: (Settings>General>Passcode Lock)

Droid: (Settings>Security>Screen lock)

This 4 digit code can save you tremendous amounts of trouble and angst. And don’t use lame passcodes – ie 4 consecutive numbers forward or reverse (3456 or 9876), or the same 4 numbers (6666). Anyone who finds your device can run through all these combos in minutes.

A young woman was at a party. It was pretty late and getting rowdy. She left her unsecured phone on the table when she went to the ladies’ room. While gone, some guys thought it would be a riot to take a quick picture of one’s privates & post it on her Facebook as “tonight’s date”. She was married and worked for a Christian organization. It wasn’t at all funny. Set your code NOW!

Using “simple” passcodes (the default 4 numbers) provides 10,000 combinations. If you want to take this a step further, you can set up a complex passcode using any combination of 77 alpha/numeric/special characters.

Droids have a similar construct, using the “Pin” option to set a simple numeric passcode and the “Password” option to set a complex passcode. Do it NOW!

Then make sure your devices are set to auto-lock after a period of non-use (typically 3-5 minutes).

A young upcoming exec left his unsecured phone in a cab. That night the finder sent a politically, racially motivated email out to everyone in the exec’s business contact list. By the time he realized the phone was missing, the damage was done. Set your code NOW!

And just for good measure, even though you have now set the security passcode on all your devices (right?), please don’t auto remember your passwords for any of your accounts. The convenience just isn’t worth the risk. I’m sure none of you is foolish enough to do this with any accounts involving financials or purchasing ability, but consider the damage that can be done to your identity if someone accesses and edits your social accounts.

Mobile Device Security

At one time or another, we’re all going to lose a mobile device. You can take steps to secure your devices and help recover them if they are lost or stolen.

All Apple devices have a wonderful function built in called Find My iPhone (also works with iPads, iPod Touch, and Macs). Android devices have 3rd party apps available that have similar functionality.

On an Apple device, you enable Find My iPhone from Settings -> iCloud. I know many folks aren’t enamored with iCloud, but you don’t have to enable any other iCloud functions to use Find My iPhone. You do have to set up an iCloud account. You probably have one set up, as this happens when you set up your Apple device if you don’t explicitly refuse.

Once enabled, if your phone is lost, you can access and track it from any browser, or from any Apple mobile device that has downloaded the free Find My iPhone app.

If really lost, you can see its location on a map so you know where it is. This feature pinpoints my phone to about 5 - 10 yards. You can also enter a new lock code if it is not already locked or if you want to input a “better” code. You can have the device display a message and callback phone (ie: there is a reward for returning this phone – call me at), and the number can be called from the locked device if it is an iPhone.

If the device is lost and has a good passcode on it (or better yet, a complex passcode), odds are it will be useless to the finder forever (unless whoever found it is REALLY anal & has way too much time on his/her hands :) Thus the reward message has pretty good probability.

But, if you’re concerned about the data on it, you can completely wipe the device, bringing it back to “From the Factory” condition. Note that while this will clear all the data from the device, it will also kill the Find My iPhone features so you can no longer track or message the device, and whoever has it can now use it as essentially a brand new device. If wiped, it is no longer “your” device. (Until iOS7 is available, see below)

If you lose your device at a party, in the office, at home, or in another somewhat controlled area, Find My iPhone can have your device emit a 2 minute series of full volume alert tones. This works great if your iPhone has slipped between the cushions on the couch or it slipped out of your pocket in a conference room. Unlike dialing an iPhone, the alerts will sound at full volume even when the ringer is turned down or the device is on vibrate.

Android devices don’t have a similar built-in feature, but there are Android apps that perform similar functions. Pricing varies from free to moderate, and functionality varies as well. Apps we’ve seen that are well regarded are Android Lost, Wheres My Droid, and SeekDroid. You can do a Google search for more.

So if you have an Apple device, activate Find My iPhone NOW!

If you have a Droid device, download an app and set it up NOW!

Both are hassle free and cash free (or almost), and either of them can save you hundreds in repurchasing costs and hours of re-configuring time. No excuses!

Imagine you walk into a bar, and you find your phone is missing. You must have dropped it in the cab. Darn!! Cab’s already gone! You grab your buddy’s phone, access your account on his Find My iPhone app. Send a tone so your iPhone is noticed. Send a reward message with your buddy’s phone number. Two minutes later the cab driver calls and will deliver your iPhone… Set it up NOW!

One Caveat

For Find My iPhone (or a Droid equivalent) to work, the device must be turned on, and must be connected to the Internet (Wi-Fi or cell if the device is a phone). If it is not accessible via the Internet when Find My iPhone tries to contact it - tries to push a sound or a message or set a lock code or wipe the device – Find My iPhone will push the action/command whenever the device does become accessible.

A Huge Caution

I do need to caution you that if the account you set up to control your devices is compromised, the compromiser gains the access needed to lock or wipe all your devices. So, when you set up the iCloud account or the account to manage your Droid app, use a Secure Password (see my November 2011 article Secure Passwords - You need to get this right! for more info).

iOS Upgrade

Some of the features discussed above for Apple devices were added with iOS 6. If you are still running an earlier iOS, all these features may not be available. I strongly suggest you upgrade to iOS 6. There is really no reason not to.

New features announced for the upcoming iOS 7 look pretty interesting. A thief would need your Apple ID and password to turn off Find My iPhone or wipe your device, and these credentials are required to reactivate the device. And Find My iPhone can continue to display your custom message even after a wipe. Sweet!

If you have any questions about any of the info in this article, or if there is anything I can do to help you protect your mobile identity or secure your mobile devices, please don’t hesitate to contact me at TomK@TomKConsulting.com, or via my cell 443.310.5110.

Next month I’ll discuss Best Practices for safely using unsecured Public WIFI.

Home | About TomK | TomK Philosophy | The Group | Why TomK? | TomK Staff | TomK Services | Featured Services |
TomK Testimonials | Newsletters | Partners | Contact | Privacy Policy | Site Map

© 2010 - Present, The TomK Consulting Group. All Rights Reserved.