Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

5/22/2020
07:00 AM
Kelly Sheridan
Kelly Sheridan
Slideshows
Connect Directly
Twitter
LinkedIn
RSS
E-Mail

10 iOS Security Tips to Lock Down Your iPhone

Mobile security experts share their go-to advice for protecting iPhones from hackers, thieves, and fraudsters.
6 of 11

More Passwords, Stronger Security 
Experts urge iPhone owners to enable multifactor authentication (MFA) where possible and to create strong, unique passwords for each of the applications they use. 
'Some people also think biometrics -- fingerprints, facial recognition, etc. -- are a replacement for passwords, but they should really think of them more as a replacement for usernames,' says Ken Underhill, master instructor at Cybrary. 'It's good to remember that a strong, complex password and/or code is still beneficial.' He echoes what security pros recommend: creating strong and unique passwords across all accounts, not just for the iPhone itself. 
A key area of concern is iCloud, where accounts could grant intruders access to files, services, photos, and data if they're able to log in. Here, MFA is essential, and like all applications, iCloud should be secured with a password different from any other passwords stored on your device. 
'Even though the threat of spyware being installed on your iPhone is scary, the way that I've seen most attacks against iOS carried out by criminal groups is not by hacking the phone itself, but by guessing or stealing the victim's iCloud account password and simply logging in as them.' If someone can get to your iCloud backup, they can access the same data that's on your device without having to steal or break into the phone itself. 
'Have lots of passwords on your phone, too,' says Chris Hazelton, director of security solutions at Lookout. 'Use a mobile password aggregator to create unique passwords for all your mobile apps. The latest mobile OS have integrations with password aggregators that make them easy to use and even speed up signing into apps.' 
(Image: Vitalii Vodolazskyi -- stock.adobe.com)

More Passwords, Stronger Security

Experts urge iPhone owners to enable multifactor authentication (MFA) where possible and to create strong, unique passwords for each of the applications they use.

"Some people also think biometrics -- fingerprints, facial recognition, etc. -- are a replacement for passwords, but they should really think of them more as a replacement for usernames," says Ken Underhill, master instructor at Cybrary. "It's good to remember that a strong, complex password and/or code is still beneficial." He echoes what security pros recommend: creating strong and unique passwords across all accounts, not just for the iPhone itself.

A key area of concern is iCloud, where accounts could grant intruders access to files, services, photos, and data if they're able to log in. Here, MFA is essential, and like all applications, iCloud should be secured with a password different from any other passwords stored on your device.

"Even though the threat of spyware being installed on your iPhone is scary, the way that I've seen most attacks against iOS carried out by criminal groups is not by hacking the phone itself, but by guessing or stealing the victim's iCloud account password and simply logging in as them." If someone can get to your iCloud backup, they can access the same data that's on your device without having to steal or break into the phone itself.

"Have lots of passwords on your phone, too," says Chris Hazelton, director of security solutions at Lookout. "Use a mobile password aggregator to create unique passwords for all your mobile apps. The latest mobile OS have integrations with password aggregators that make them easy to use and even speed up signing into apps."

(Image: Vitalii Vodolazskyi -- stock.adobe.com)

6 of 11
Comment  | 
Print  | 
Comments
Newest First  |  Oldest First  |  Threaded View
angelabelp
50%
50%
angelabelp,
User Rank: Apprentice
6/5/2020 | 2:12:43 AM
very good this page
 Esta gran web  es una de las mejores que conozco, no comparte información falsa como muchas que veo en muchos lugares, espero que sigan así y mejoren, gracias por todo lo que comparten muy útil

Translation (From Editors)

This great website is one of the best I know, does not share false information as many that I see in many places, I hope they continue like this and improve, thanks for everything they share very useful

 

 

 

 

 
fazzael
50%
50%
fazzael,
User Rank: Strategist
5/24/2020 | 11:58:12 PM
Very Usefull
Good article, very usefull for any iOS owner. Especially considering that there are a lot of security breach nowaday. Stay safe and stay healthy everyone.
News
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark Reading,  4/28/2021
Slideshows
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer,  4/30/2021
Commentary
How to Secure Employees' Home Wi-Fi Networks
Bert Kashyap, CEO and Co-Founder at SecureW2,  4/28/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-31458
PUBLISHED: 2021-05-07
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...
CVE-2021-31459
PUBLISHED: 2021-05-07
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...
CVE-2021-31460
PUBLISHED: 2021-05-07
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the process...
CVE-2021-31461
PUBLISHED: 2021-05-07
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the the han...
CVE-2021-31462
PUBLISHED: 2021-05-07
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...