Mobile device security at Fermilab

Chris Sheppard

Chris Sheppard

There are more mobile devices than people on Earth, and people are increasingly using these devices for business, email, games and apps. Unsurprisingly, then, the mobile device threat and vulnerability trend is on the rise.

At Fermilab, we recognize that more and more mobile devices are being used because of increasing computer power, cross-platform apps and information and data sharing capabilities. Unfortunately, traditional security solutions don’t work the same for mobile devices. Here are some tips, based on four layers of security for mobile devices, to protect your system, configuration, apps and network.

System – the operating system on the device. Whether Android or iOS, many exploits take advantage of known flaws in older operating system versions. We recommend keeping up to date with the latest security and general operating system updates.

Configuration – the system settings that are being used to strengthen security. Configuring your device to use a passcode or Touch ID (fingerprint) to unlock it are a couple of great ways to secure your data.

Apps. Unsecure apps happen to be the biggest threat facing mobile device users today.  Unfortunately, in today’s fast moving app-development life cycle, robust security testing is seemingly less important than speed to market. To combat threats, it is good practice to understand what an app is doing and whether you really need it, especially if it involves sensitive information such as financial or medical. Reading reviews of the app can help you understand if others are seeing issues or poor quality updates. If apps are installed, it is good practice not to allow them to use contacts, pictures or other data from your device unless you deem it safe to do so.

Network – Wi-Fi access points that mobile devices may be connected to. Whether at the coffee shop, gym, grocery store or any other place that may offer free or paid Wi-Fi access, it is important to only connect to secure sources. Even better, connect only to sources that ask for a password or other means of secure access. Unsecure connections can allow attackers to intercept traffic from your device and steal sensitive data.

Mobile device security should be a vital part of our everyday technology use and should raise awareness of how we are using devices for both personal use and work. Using the tips above, you can start taking steps to help create a more secure mobile device experience and ecosystem.

Chris Sheppard is a Macintosh desktop engineer in the Desktop Engineering Department of the Core Computing Division.