Version 1.0
10 ways to secure the Apple iPhone
June 10, 2009


By Michael Kassner
The Center for Internet Security (CIS) is well-known for developing security benchmarks for operating systems,
applications, network devices, and now the Apple iPhone. I’ve read the iPhone benchmark and felt that
TechRepublic’s 10 Things format would be the perfect way for me to pass along some of their advice. The
complete document can be found at the CIS benchmark portal. So let’s make sure your iPhone is secure.

1: Make sure firmware is up to date
Like computer operating system software, keeping the iPhone’s firmware up to date is important in reducing the
vulnerability footprint. The latest version of firmware is 2.2.1. Select Settings | General | About to determine what
version the iPhone is using. If the iPhone is using an older version, follow the steps below to update the firmware:

1. Connect the iPhone to the computer.
2. Open iTunes.
3. Select iPhone under Devices in the source list.
4. Select Check For Update.
5. Select Download And Install.

2: Disable Wi-Fi when not in use
This is self-apparent, yet important enough to include in the list. Most people automatically disable Wi-Fi to
conserve the battery. But knowing that disabling Wi-Fi eliminates an attack vector may be added incentive to turn
Wi-Fi on only when needed. Use the following steps to disable Wi-Fi:

1. Tap Settings.
2. Tap Wi-Fi.
3. Turn Wi-Fi off.

3: Disallow automatic association to networks
By default, the iPhone retains association settings of the Wi-Fi networks it connects to, which allows the phone to
automatically reconnect when within range. Automatic association isn’t recommended, as it’s easy to spoof
trusted networks. Still, disallowing automatic association is kind of a pain, as doing so requires you to enter the
passkey each time. I’ll leave this one up to you. To prevent automatic association use the following steps:

1. Tap Settings.
2. Select Wi-Fi (make sure Wi-Fi is on).
3. Tap the blue arrow of the network to forget.
4. Select Forget This Network.

4: Turn Bluetooth off when not being used
Features that make life easier for the user tend to make it easier for bad guys as well. Bluetooth is one such
feature; it allows many conveniences, such as the use of wireless headsets and sharing information between
phones. Yet attackers can also use it to Bluejack or Bluesnarf a phone.
For some reason, the iPhone isn’t set up to just turn off discovery. So the only way to prevent unwanted discovery
and associations is to use the following steps to turn Bluetooth off:

1. Pick Settings.
2. Tap General.
3. Tap Bluetooth.
4. Turn Bluetooth off.

Copyright © 2009 CNET Networks, Inc., a CBS Company. All rights reserved. TechRepublic is a registered trademark of CNET Networks, Inc
For more downloads and a free TechRepublic membership, please visit http://techrepublic.com.com/2001-6240-0.html

5: Disable location services until needed
Turning location services off doesn’t immediately increase security; it just prevents the user’s location from being
published. I personally think disabling the service is a good idea for two reasons. First, it’s a significant battery
drain. Second, disabling the service isn’t an inconvenience. It’s simple to turn the location service back on from
within the application that needs positioning information. If so desired, follow the steps below to disable location
services:

1. Tap Settings.
2. Tap General.
3. Turn Location Services off.

6: Set a passcode
Setting a passcode definitely increases the security of the iPhone. It makes it harder for someone to gain access
to the iPhone because the phone automatically locks after a user-determined amount of inactivity. Setting a
passcode is also required for feature seven to work. Use the following steps to set a passcode:

1. Select Settings.
2. Select General.
3. Tap Passcode Lock.
4. Enter a four-digit passcode.
5. Re-enter the same passcode.

7: Erase data if too many wrong passcodes are entered
After 10 wrong passcode attempts, user settings and any data stored on the iPhone will be erased if this setting is
enabled. It’s a valuable feature because a four-digit passcode of just numbers will eventually be discovered, and
this option ensures that any sensitive information will not get into the wrong hands. Use the following steps to turn
erase data on:

1. Select Settings.
2. Tap General.
3. Choose Passcode Lock.
4. Turn Erase Data on.
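
What items 6 and 7 buy together, as an added example (not from the article or the CIS benchmark): a simplified model of the lock that counts how many four-digit passcodes a sequential guesser reaches before the data is erased. The class and function names are hypothetical, and the model assumes no delay between attempts.

```python
from itertools import product

PIN_LENGTH = 4        # item 6: four-digit passcode
ERASE_AFTER = 10      # item 7: data erased after 10 wrong attempts


class PasscodeLock:
    """Simplified model of the passcode lock with the optional Erase Data setting.

    Assumption: no lockout delays between attempts; only the failure counter matters.
    """

    def __init__(self, passcode, erase_data):
        self._passcode = passcode
        self.erase_data = erase_data
        self.failed = 0
        self.erased = False

    def try_unlock(self, guess):
        if self.erased:
            return False                      # nothing left to unlock
        if guess == self._passcode:
            self.failed = 0                   # a correct entry resets the counter
            return True
        self.failed += 1
        if self.erase_data and self.failed >= ERASE_AFTER:
            self.erased = True                # tenth wrong attempt triggers the erase
        return False


def all_passcodes(length=PIN_LENGTH):
    """Every numeric passcode of the given length, as zero-padded strings."""
    return ["".join(digits) for digits in product("0123456789", repeat=length)]


def guesses_to_unlock(passcode, erase_data, guess_order):
    """Number of guesses needed to unlock, or None if the data is erased first."""
    lock = PasscodeLock(passcode, erase_data)
    for count, guess in enumerate(guess_order, start=1):
        if lock.try_unlock(guess):
            return count
        if lock.erased:
            return None
    return None


def count_exposed(erase_data, passcodes, guess_order):
    """How many of the given passcodes are reached before an erase happens."""
    return sum(
        guesses_to_unlock(p, erase_data, guess_order) is not None for p in passcodes
    )


if __name__ == "__main__":
    space = all_passcodes()
    exposed = count_exposed(True, space, space)
    print(f"Erase Data on : {exposed} of {len(space)} passcodes reachable "
          f"({exposed / len(space):.1%})")
    # Constructed sample passcodes showing the cost of guessing with Erase Data off.
    for sample in ("0000", "4999", "9999"):
        needed = guesses_to_unlock(sample, False, space)
        print(f"Erase Data off: passcode {sample} found on guess {needed}")
```

The 10-in-10,000 result assumes the passcode is equally likely to be any value; with Erase Data off, every passcode is reached within 10,000 guesses.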

8: Erase data before returning or repairing the iPhone
To some, this may be apparent, but many people don’t even think about removing sensitive data before selling or
sending their phone in for repair. Use the following steps to prevent others from accessing your personal
information:

1. Select Settings.
2. Tap General.
3. Choose Reset.
4. Select Erase All Contents And Settings.






9: Disable SMS preview
Even when the iPhone is locked, it’s still possible to preview a recently received text message. I immediately
disabled SMS preview on my iPhone, as I do not want my text messages visible when the phone is locked. If you
agree, use the following steps to turn off SMS preview:

1. Select Settings.
2. Tap General.
3. Choose Passcode Lock.
4. Turn Show SMS Preview off.

10: Disable JavaScript and plug-ins in Safari
Because the iPhone uses a fully functional Web browser, it is susceptible to all the same JavaScript and plug-in
exploits that plague normal computers. I recommend disabling JavaScript and plug-ins, but doing so breaks
certain Web page characteristics. It’s yet another balancing act between security and usability. If you want to err
on the side of security, use the following steps to disable both:

1. Select Settings.
2. Tap Safari.
3. Turn JavaScript off.
4. Turn Plug-Ins off.

Final thoughts
Most of the above security enhancements are intuitive, but I’ve found that unless prodded, most people don’t take
advantage of them. I can’t in good conscience say that applying all of these enhancements is the only way; that’s
going to be up to you. I just wanted to make sure everyone knew what was available. I also want to thank CIS
again for its diligence in preparing the iPhone security benchmark.

Version history
Version: 1.0
Published: June 10, 2009



