Not so much a case study, this is a white paper I wrote for Telefonica (specifically O2 in the UK), as they struggled with the concept of how to persuade customers, both old and new, that they needed the new O2 smartphone security app.

 

 

Mobile Security Tips

Beyond the Security App

 

It is important to remember when working, playing or shopping on a mobile device that the most important part of your security is you. Taking the time to ensure that you are aware of the threats and have correctly set-up your security will go a long way to making you and your family secure.

Much like a lock and key are not much use if they are not installed, maintained and used regularly, no one should expect their mobile security software to do everything for them without involvement and consideration.

Here are a few other simple areas of online security that are worth learning how to get right:

1) Change all your passwords regularly
‘123456’ is NOT a good password! It is all too common that we use the same password across all website log-ins, use a very simple password or one that is personal to you (like a birth date or address number) but of course if it is easy for you it is easy for a hacker. Passwords must be changed regularly, every 3 months is a good minimum, and must contain a mixture of letters and numbers. Adding punctuation or capitals helps too (A good example might be ‘M0bil35eCur1ty’). Do not use the same or similar passwords repeatedly and especially when shopping or transferring confidential information make sure you use a complex password to ensure your protection. Also do not write the password down anywhere that it might be found or seen. If you really need to write it down then ensure the note is itself locked away safe.

2) Keep all your software updated
This is especially important for your operating systems and security software, and applies to all your devices not just your mobile phone, tablet or laptop/desktop. If you regularly connect or synchronise your devices then the weakest link is the one machine that is not up-to-date with the latest fixes, patches and updates. If your software has an option in the settings for ‘Update Automatically’ then use this so you don’t have to remember or worry.

3) Encrypt your Wi-Fi connection
Most people assume that their Wi-Fi connection is safe right out of the box and already secure. But the reality is that the manufacturer sets the default password to ‘admin’ or simply ‘password’ which hackers already know. They can use this information to break into your Wi-Fi network and potentially have access to all your devices and information or use your network to mask their crimes. Always change the default password on your network to something secure (see point 1 above about setting a secure password).

4) Do not open attachments from people that you do not know.
This applies to links to website or downloading files too. This is a common way to infect devices as people are naturally curious to find out what they have been sent. Malware is often disguised so even if you open attachments or click links you will not know that you have been infected. It all happens in the background on your device with no immediate difference noticeable to you.
Plus, even when they are from people that you trust it is less likely, but still possible that a link or attachment could be compromised – another reason why security software is so vital.

5) Never shop online when the website is not secure.
An insecure connection means hackers could potentially capture your bank or credit card details. An encrypted internet connection is mandatory and to know that you have one you can check on your web browser that the website URL (the name typed along the top of the screen, for example https://www.amazon.com) to make sure it starts with HTTPS – the S is the important part. Also keep an eye out for the padlock logo at the top or bottom of the screen which signifies there is a secure connection. An example of both:

6) Do not share your personal information
This could be on forums, chat rooms or in any type of communication with people you do not know or trust. Just because someone seems official or friendly does not mean they are! You would not give personal information to someone who knocked on your door so take great care about doing the same online. Hacker often try to get your information via seemingly innocent means such as asking your birthday or mother’s maiden name, information that is useful to them elsewhere.

7) Keep children safe and educated.
Teach appropriate usage and what to do and not do when online, especially all of the above security points. Advice to children does vary with age but it is never too early or late to start teaching children about the dangers that exist online.