1
00:00:00,350 --> 00:00:03,380
In this lesson, we're going to discuss the 10 best ways

2
00:00:03,380 --> 00:00:06,340
to increase the security of your mobile devices.

3
00:00:06,340 --> 00:00:09,480
This is known as mobile device hardening.

4
00:00:09,480 --> 00:00:13,050
Number one, update your device to use the latest version

5
00:00:13,050 --> 00:00:16,360
of the software. Whether this is your operating system,

6
00:00:16,360 --> 00:00:18,200
your apps, or your firmware,

7
00:00:18,200 --> 00:00:20,040
you should always be updating it.

8
00:00:20,040 --> 00:00:22,120
By updating it, you're making sure

9
00:00:22,120 --> 00:00:25,770
that you have all known vulnerabilities patched and secured.

10
00:00:25,770 --> 00:00:28,550
Just like your desktop, most devices are hacked

11
00:00:28,550 --> 00:00:31,450
because they're not patched from a known vulnerability.

12
00:00:31,450 --> 00:00:34,560
So, when an update comes out, make sure you apply it.

13
00:00:34,560 --> 00:00:37,200
Number two, install antivirus.

14
00:00:37,200 --> 00:00:39,820
A lot of people figure that it's a mobile device

15
00:00:39,820 --> 00:00:42,400
and it's not a computer so it doesn't need antivirus.

16
00:00:42,400 --> 00:00:44,840
But, just like a computer, your mobile devices

17
00:00:44,840 --> 00:00:48,580
do need to have antivirus and anti-malware installed.

18
00:00:48,580 --> 00:00:50,590
Number three, train your users

19
00:00:50,590 --> 00:00:53,660
on proper security and use of the device.

20
00:00:53,660 --> 00:00:55,030
This includes showing them how

21
00:00:55,030 --> 00:00:57,040
to use social media appropriately,

22
00:00:57,040 --> 00:00:58,720
what sites are safe to browse,

23
00:00:58,720 --> 00:01:01,210
and what apps are allowed to be installed.

24
00:01:01,210 --> 00:01:03,130
Remember, these are all vulnerabilities

25
00:01:03,130 --> 00:01:05,470
that your employee, who's holding the device,

26
00:01:05,470 --> 00:01:08,270
can install and use on your device.

27
00:01:08,270 --> 00:01:11,100
You have a right to train them the correct way.

28
00:01:11,100 --> 00:01:14,330
Next, number four, only install applications

29
00:01:14,330 --> 00:01:16,350
from the official mobile stores.

30
00:01:16,350 --> 00:01:17,760
At least if you've done that,

31
00:01:17,760 --> 00:01:20,250
they have malware checks and security checks

32
00:01:20,250 --> 00:01:22,960
and you're much less likely to have issues.

33
00:01:22,960 --> 00:01:25,150
Again, this is the App Store for Apple

34
00:01:25,150 --> 00:01:27,610
and the Google Play store for Android.

35
00:01:27,610 --> 00:01:30,990
Number five, don't root or jailbreak your device.

36
00:01:30,990 --> 00:01:32,960
That's going to bypass the security

37
00:01:32,960 --> 00:01:34,490
and the built-in protections

38
00:01:34,490 --> 00:01:37,190
that Apple and Android have already put in there for you.

39
00:01:37,190 --> 00:01:40,000
If you do this, you're asking for trouble.

40
00:01:40,000 --> 00:01:43,130
Number six, only use version two SIM cards

41
00:01:43,130 --> 00:01:44,420
with your devices.

42
00:01:44,420 --> 00:01:47,090
As we talked about in the SIM cloning lecture,

43
00:01:47,090 --> 00:01:49,290
version two is very hard to clone

44
00:01:49,290 --> 00:01:51,590
but version one is actually quite easy.

45
00:01:51,590 --> 00:01:53,890
So, you should always use version two SIM cards

46
00:01:53,890 --> 00:01:56,420
to help counter SIM cloning.

47
00:01:56,420 --> 00:01:58,170
Next, we have number seven,

48
00:01:58,170 --> 00:02:00,730
turn off all unnecessary features.

49
00:02:00,730 --> 00:02:04,740
Whether this is Wi-Fi, Bluetooth, near-field communication,

50
00:02:04,740 --> 00:02:08,550
mobile hotspots, tethering, location tracking, and more.

51
00:02:08,550 --> 00:02:10,570
Turn it off if you're not going to use it.

52
00:02:10,570 --> 00:02:14,370
If you do have to use Bluetooth, make it undiscoverable.

53
00:02:14,370 --> 00:02:17,790
Number eight, turn on encryption for your voice and data.

54
00:02:17,790 --> 00:02:19,910
This'll ensure things like Bluetooth,

55
00:02:19,910 --> 00:02:22,390
near-field communications, Wi-Fi,

56
00:02:22,390 --> 00:02:24,450
and others have encryption enabled

57
00:02:24,450 --> 00:02:25,800
whenever you're using them.

58
00:02:26,740 --> 00:02:31,170
Number nine, use strong passwords or biometrics for log on.

59
00:02:31,170 --> 00:02:33,840
That means you shouldn't be using a four-digit PIN.

60
00:02:33,840 --> 00:02:36,000
You want to use things like a thumbprint,

61
00:02:36,000 --> 00:02:38,900
a face scan, or long, strong passwords,

62
00:02:38,900 --> 00:02:41,550
whichever of those three your device supports.

63
00:02:41,550 --> 00:02:43,940
Also, you should turn on Find My Phone,

64
00:02:43,940 --> 00:02:47,140
enable remote lockout, and remote wipe capabilities

65
00:02:47,140 --> 00:02:48,890
before you need them.

66
00:02:48,890 --> 00:02:51,730
Number ten, don't allow BYOD.

67
00:02:51,730 --> 00:02:54,370
I know I talked about in the BYOD lecture,

68
00:02:54,370 --> 00:02:55,730
that you can allow your organization

69
00:02:55,730 --> 00:02:57,800
to make the choice, but let's just be honest:

70
00:02:57,800 --> 00:03:00,720
bring your own device means bring your own disaster.

71
00:03:00,720 --> 00:03:04,040
It introduces a ton of risk; if you use it,

72
00:03:04,040 --> 00:03:06,340
you need to ensure that you have storage segmentation

73
00:03:06,340 --> 00:03:07,890
and good mobile device management

74
00:03:07,890 --> 00:03:10,510
and having your employees allow you to install it.

75
00:03:10,510 --> 00:03:13,200
It's much better to use choose your own device

76
00:03:13,200 --> 00:03:17,150
or employer furnished devices where you control the device

77
00:03:17,150 --> 00:03:18,980
and you control what goes on on it.

78
00:03:18,980 --> 00:03:22,070
It's your data, after all, you have to protect it.

79
00:03:22,070 --> 00:03:25,020
And, in summary, after you do all those 10 things,

80
00:03:25,020 --> 00:03:26,970
you need to make sure your organization

81
00:03:26,970 --> 00:03:30,240
has a good security policy in place for mobile devices.

82
00:03:30,240 --> 00:03:33,030
This will tell your employees what's expected of them,

83
00:03:33,030 --> 00:03:34,540
and it'll tell your administrators

84
00:03:34,540 --> 00:03:36,580
what they have to secure too.

85
00:03:36,580 --> 00:03:38,087
So, if I get my administrators and say:

86
00:03:38,087 --> 00:03:40,170
"We're not going to allow bring your own device"

87
00:03:40,170 --> 00:03:42,330
that means there's a lot of technical things they can do

88
00:03:42,330 --> 00:03:45,090
to prevent those devices from getting on the network.

89
00:03:45,090 --> 00:03:47,120
But if you're going to say: "We're going to allow it,

90
00:03:47,120 --> 00:03:49,680
and here's the conditions" then they need to know that,

91
00:03:49,680 --> 00:03:51,780
so they can support that decision as well.