My mobile devices have been stolen – now what? – Datacom

Date
Author:
Emily Wang, Principal Architect, Mobile Innovation, Datacom

My house was robbed recently.

One laptop and two tablets were stolen.

My colleagues thought I was too calm about the situation. I was calm because I have insurance, but more importantly I knew the information on the devices was relatively secure and backed up. Here are the precautionary measures I took.

Enable passcode locks

Any form of passcode lock is better than nothing, but the following actions are recommended:

  • Clean your screen often as your finger smudges could reveal your unlock pattern or passcode
  • Set a short auto-lock time period
  • A 4-digit PIN is widely considered unsecure, try to use a longer passphrase or increase the PIN to 5 digits
  • Use iOS devices’ Touch ID function with a strong passphrase. This has been hacked before, but it is difficult
  • Facial recognition unlock is not recommended yet as it’s easy to fool
  • Avoid using the most common Android lock patterns; see this article

Passwords

“123456” and “password” are still among the most popular passwords (see the top 25 list here). Yes, they are easy for you to remember, but they are terrible for security.

There are many strategies for password generation. This Lifehacker article covers it well. It’s not only important to have unique, random and complicated passwords, but to try not to reuse them. If attackers nab one password, they could try it on other services.

Personally, I use a hybrid approach – a password management tool plus memorisation. It’s not for everyone though, so you should use what you’re comfortable with.

Do not jailbreak/root

Jailbreaking or rooting is removing hardware restrictions to give yourself above normal administrative access. iPhone jailbreaking or Android rooting can lead to serious security vulnerabilities. It’s trivial to show sensitive information such as WiFi passwords, apps’ usernames, and secure tokens.

Encryption

Most iPhones and iPads have built-in hardware encryption already. Newer Android Operating Systems (OS) also have strong encryption. You need to set a passcode/passphrase in order to enable this.

Track and remote control

It is important to turn on Find My iPhone, Find My iPad or the Android Device Manager on any of your devices. Then you can track a device’s location, perform a remote lock or wipe it, as long as it’s online.

However, if the device is turned off or has no internet connection, you won’t be able to track it.

Backups

Stolen devices can be covered by insurance, but your personal data will be lost forever unless you back it up. You can backup using the cloud, your computer or an external hard drive. 

Keep devices up to date

Keep the software on your devices up to date. Often, vulnerabilities are privately submitted to Apple and Google, and a patch will be released to fix the vulnerability.

I’m always more concerned about cybercrime than a physical break-in. After the break-in, I saw shattered glass and knew I needed the police. However, you can fall victim to a cybercrime without knowing it, and the data can easily be used to cause permanent damage. That’s why you should be proactive and protect yourself.