Eight easy steps to iPhone security
- — 09 December, 2008 09:25
As someone who's been around the block a few times with mobile technology, I get a kick out of lengthy treatises on the practices one should follow to keep the information on your iPhone secure. They follow a commonsense pattern: Use a PIN, set the device to auto-lock after a minimal delay, set it to blank itself after a limited number of invalid unlock attempts, block access to the App Store, use Safari's security defaults, and use WPA2 security for Wi-Fi. This is helpful, but it isn't enough. Users of the iPhone, and mobile devices in general, deserve the big picture regarding the balance of security and convenience.
When you leave the store with your shiny new phone, you accept sole responsibility to protect your investment. It's not the manufacturer's or seller's job to keep your property safe. They've built in mechanisms that, if used as documented, will reasonably protect your phone and the information it contains. If the phone gets swiped, pillaged, or vandalized, it is either your fault or bad luck, and when bad luck plays a hand, it's likely that you contributed to the circumstances. Here are eight uncommon things you can do to steer the odds in your favor.
1. First and foremost, never, ever leave your iPhone unlocked. You've heard that, but you haven't heard how to make it painless: Practice. Whenever you'd ordinarily be bending paper clips or generally goofing off at work, sit in your chair and lock and unlock your phone over and over again until it's as natural as twiddling your thumbs. Practice with your nondominant hand. Practice with one hand concealing the other. Practice with your eyes closed. Practice with the display facing the floor. When entering your PIN becomes ingrained into muscle memory, you'll never be tempted to disable the lock to save time, and even sharp-eyed shoulder surfers can't watch you enter your PIN. As a bonus, you will never forget your PIN. Try it; it works.
2. Keep up with Apple firmware updates. Apple's well-publicized flaw that allowed access to the address book via the emergency call mechanism was repaired, but only if you applied the patch. Unfortunately, Apple requires the use of desktop tools for firmware updates: Users must run Apple Software Update on their Mac or PC to grab them from iTunes when they become available. I think that's poor design, especially when BlackBerry and Android demonstrate the ease with which OTA updates can be performed. In an enterprise setting where OTA firmware updates aren't possible, IT should send iPhone users a broadcast SMS alerting them that they need to dock to iTunes to load an urgent fix. When running iTunes at a work desktop is forbidden by policy (as it should be), easy access to IT-controlled update stations should be arranged.
3. Put your iPhone on a leash. Keeping your phone with you provides the only impenetrable shield against theft or tampering. A comfortable, fashionable holster that suits your style makes it less likely that you'll nonchalantly toss your phone in your bag when you leave the house. Don't choose a jacket pocket, a backpack compartment, or any container from which you walk away. In the same vein, don't let anyone borrow your iPhone. Even your best friend could leave your iPhone, take out his curiosity on your device, or get hoodwinked by a malicious hacker. Treat your iPhone as you do your wallet.