Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

5/22/2020
07:00 AM
Kelly Sheridan
Kelly Sheridan
Slideshows
Connect Directly
Twitter
LinkedIn
RSS
E-Mail
50%
50%

10 iOS Security Tips to Lock Down Your iPhone

Mobile security experts share their go-to advice for protecting iPhones from hackers, thieves, and fraudsters.
Previous
1 of 11
Next

(Image: BillionPhotos.com -- stock.adobe.com)
(Image: BillionPhotos.com -- stock.adobe.com)

Now more than ever, we depend on smartphones to keep us connected to each other, to our employers, to our finances and healthcare providers. We use our phones to shop, bank, and access corporate applications and information. But are our iPhones as secure as they could be?

"iPhone owners tend to feel more confident in the security of their phones than Android owners, and for good reason," says Randy Pargman, former FBI computer scientist and senior director of threat hunting and counterintelligence at Binary Defense.  

But that doesn't mean iOS is immune to security issues. Back in April, we learned attackers has been exploiting two unpatched iOS vulnerabilities since at least January 2018. Last year, researchers discovered more than 20,000 iOS apps were published without App Transport Security (ATS), a set of rules and app extensions Apple built as part of the Swift development platform. ATS is turned on by default; without it, critical information was being transported without encryption.

"It's true that iPhones and the whole Apple ecosystem keep customers safer from malicious apps, but that doesn't mean that all the data stored in the apps is safe from theft," Pargman continues. "Many apps store sensitive information on servers operated by the app developer or transfer the information unencrypted over the Internet. As soon as your information leaves your iPhone, it is outside of your control to protect it." 

The security of iOS doesn't mean users can ignore basic threats to data security. Most people don't have to worry about advanced targeted attacks or zero-day exploits; however, they are still exposed to phishing attacks, device theft, and malware that could put their information at risk. If you're using Safari or another browser to navigate the Web, share data, or order goods, you're just as vulnerable on your iPhone as you would be on Windows or Android. Those who store financial, health, and other sensitive data on their iPhones should take extra precautions. 

These precautions are even more essential at a time when people are relying on their iPhones to work remotely. Wandera research shows collaboration software adoption jumped nearly 190% between early February and the end of April, says Michael Covington, vice president of product strategy at Wandera.

"Though mobile devices have been broadly adopted within the workforce, COVID-19 has forced many businesses to finally put those devices to use, with more enterprise applications being opened up to mobile devices and remote access finally being allowed," he says.

Many businesses have changed data access policies to enable access for remote users.

"From work files to health records and banking data, the pandemic has forced more frequent use of the mobile device as people try to stay productive and connected, while balancing the needs of entire families now forced to work with a limited set of shared resources," Covington says.

Many people who have been isolated at home have started to let their guard down when it comes to practicing strong security, Covington says. Phishing attacks are taking advantage of the pandemic, preying on global fear and uncertainty, increasing their chances of getting hit.

Now is a good time to take a closer look at your iPhone security posture. More than 20 mobile security experts weighed in to share their go-to tips to strengthen privacy and security of your mobile device. Here, we share their most popular suggestions and tips you may not think of.

What did we miss? Feel free to share your favorite iPhone security advice in the Comments section, below.

 

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio
 

Recommended Reading:

Previous
1 of 11
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
angelabelp
50%
50%
angelabelp,
User Rank: Apprentice
6/5/2020 | 2:12:43 AM
very good this page
 Esta gran web  es una de las mejores que conozco, no comparte información falsa como muchas que veo en muchos lugares, espero que sigan así y mejoren, gracias por todo lo que comparten muy útil

Translation (From Editors)

This great website is one of the best I know, does not share false information as many that I see in many places, I hope they continue like this and improve, thanks for everything they share very useful

 

 

 

 

 
fazzael
50%
50%
fazzael,
User Rank: Strategist
5/24/2020 | 11:58:12 PM
Very Usefull
Good article, very usefull for any iOS owner. Especially considering that there are a lot of security breach nowaday. Stay safe and stay healthy everyone.
News
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark Reading,  4/28/2021
Slideshows
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer,  4/30/2021
Commentary
How to Secure Employees' Home Wi-Fi Networks
Bert Kashyap, CEO and Co-Founder at SecureW2,  4/28/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-35519
PUBLISHED: 2021-05-06
An out-of-bounds (OOB) memory access flaw was found in x25_bind in net/x25/af_x25.c in the Linux kernel version v5.12-rc5. A bounds check failure allows a local attacker with a user account on the system to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel i...
CVE-2021-20204
PUBLISHED: 2021-05-06
A heap memory corruption problem (use after free) can be triggered in libgetdata v0.10.0 when processing maliciously crafted dirfile databases. This degrades the confidentiality, integrity and availability of third-party software that uses libgetdata as a library. This vulnerability may lead to arbi...
CVE-2021-30473
PUBLISHED: 2021-05-06
aom_image.c in libaom in AOMedia before 2021-04-07 frees memory that is not located on the heap.
CVE-2021-32030
PUBLISHED: 2021-05-06
The administrator application on ASUS GT-AC2900 devices before 3.0.0.4.386.42643 allows authentication bypass when processing remote input from an unauthenticated user, leading to unauthorized access to the administrator interface. This relates to handle_request in router/httpd/httpd.c and auth_chec...
CVE-2021-22209
PUBLISHED: 2021-05-06
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.8. GitLab was not properly validating authorisation tokens which resulted in GraphQL mutation being executed.