Dec 19, 2016
Hardening Mobile Phone Devices – iOS/Android
Mobile Hardening
A question I often get asked by a lot of mobile users is regarding how they can secure “harden” their mobile devices. What can they do to add some layers of protection to secure their mobile devices?
There aren’t a whole lot of software tools that are out there which actually harden mobile devices. And, it’s a bit unfortunate that mobile security has a lower priority these days.
Kaspersky Threats 2015
Courtesy of (https://www.kaspersky.com)
For most Android and iOS devices there are a few steps and actions that you can take in order to harden your mobile device.
The following steps should give you some basic hardening techniques for personal use.
Steps to Secure Your Mobile Devices
1. Prevent and/or Detect jailbreaking for (iOS devices) or Rooting for (Android devices). Once you begin granting and giving any application root access. Then, expect that all regards to any privacy of all of your applications is now non existent.
2. Download apps only from reputable sources such as “The Apple Store” or “The Google Play Store“. Stores such as the Apple Store or Google Play Store usually will test out the apps before allowing them to be publicly released out to everyone.
3. Make use of your browser for sensitive operations. Avoid using apps to managing banking information, credit cards etc. The main issue at hand is that many apps may not make use of certificate verification. This is a type of check that can verify if the app is actually created and modified by the actual owners. In terms of which browsers are the safe ones to use. Well, Firefox and Chrome on Android devices are both a great choice. And, for Apple devices obviously Safari is the best choice.
4. Starting making use of Encryption! There is no cost to encryption and the speed difference is unnoticeable for the average user.
5. Unlock your mobile device by choosing good passcodes or use biometrics such as a fingerprint scan for your device. Don’t use pattern swipe, as I personally have seen people break it fairly easily.
Android Devices
Additional Security for Android Devices Only:
1. Use quality security apps! No Root Firewall is a good option to try out. (https://play.google.com/store/apps/details?id=app.greyshirts.firewall) Use it to monitor network traffic. Sophos Free Antivirus and security is a good anti-virus solution to take for a test drive. It’s great for checking applications, and has the ability to remote wipe/locate your device.
2. Don’t leave USB debugging enabled. A lot of developers forget to turn this feature off and expose their device.
3. If running Marshmallow change USB configuration (under developer options) to Charging.
I hope some of the above tips help with hardening your mobile device.
I am hoping to find or develop a mobile hardening app for future posts.
If you know of other options please feel free to leave your suggestions in the comment box below.
9 Responses to “Hardening Mobile Phone Devices – iOS/Android”
Trackbacks/Pingbacks
- Cellebrite Systems Breeched - StealthBay - […] They have created a well known product that is called Universal Forensic Extraction Device (UFED). This tool basically can…
My name is Harry Taheem
I am a Cyber Security Engineer.
My aim is to post things I learn or find interesting and allow others to hopefully gain some more insight. I also plan on posting general IT related issues, as I’d like 
Very nice post. I just stumbled upon your blog
and wanted to say that I’ve really enjoyed surfing around your
blog posts. After all I will be subscribing to your rss feed
and I hope you write again very soon!
Thanks a lot, glad you enjoy the content 🙂
Hey there this is kinda of off topic but I was wondering if
blogs use WYSIWYG editors or if you have to manually code with
HTML. I’m starting a blog soon but have no coding know-how so I wanted to get
guidance from someone with experience. Any help would be enormously appreciated!
Blogs can use both methods. I’d say they are getting to a point now where you don’t really need to know much HTML. CMS platforms like Drupal, Joomla, WordPress etc.. all now no longer need HTML knowledge.
I don’t even know how I ended up here, but I thought this post was great.
I do not know who you are but certainly you’re going to a famous blogger if you
aren’t already 😉 Cheers!
І will right away take holԀ of your rss as I
can’t in finding your e-mail subѕcription link or e-newsletter
service. Do you’ve any? Please let me know in order that I may just ѕubscrіbе.
Thankѕ.
This is very interesting, You are a very skilled blogger.
I’ve joined your rss feed and look forward to
seeking more of your magnificent post. Also, I have
shared your website in my social networks!
Great blog you have got here.. It’s hard to find quality writing like yours nowadays.
I really appreciate individuals like you! Take care!!
I’m impressed, I have to admit. Rarely do I encounter a blog that’s equally educative and entertaining, and let me tell you, you have hit
the nail on the head. The problem is something not
enough folks are speaking intelligently about.
I am very happy I came across this during my search for something concerning this.