FTI Journal
FTI Journal | Critical Thinking at the Critical Time

Now’s the Time to Get Smart About Securing Your Smartphone

Now’s the Time to Get Smart About Securing Your Smartphone

In the second of four articles for Cybersecurity Awareness Month (October), FTI Cybersecurity presents essential best practices for securing your mobile device at home and on the job.

Most of us consider the minicomputer we carry in our pockets to be a direct line for managing various parts of our personal and professional lives. We chat, text, check the S&P 500 and sports scores, email the boss, snap selfies, and navigate unfamiliar cities on our business trips.

Cyber criminals look at our smartphones — and by extension us — through a different lens. They see a veritable treasure chest of data and information for the taking and owners who may be too busy or preoccupied to keep their devices secure. The good news is that we can tighten the security around our smartphones with 10 simple low-tech actions that will protect our information and data whether at home, work or out and about.

1. Update regularly 

This applies not only to your mobile device operating system (OS), but to your apps. Attackers will often target known vulnerabilities that appear in older versions of software. By consistently updating the OS and your apps,* you can reduce your risk with the simple click of a button.

2. Turn on multifactor authentication (MFA) 

Not every website, app or service offers it, but for those that do, MFA adds an extra level of security. Most MFAs work by automatically sending a numeric code to your phone via SMS or push notification through an app when you log into a password-protected account, but avoid using SMS (text)-based MFA if possible. Cyber criminals and other nefarious actors often target wireless provider accounts to obtain access to your SMS messages. Use a dedicated MFA app like Duo or Google Authenticator when possible, including for personal apps, even if you already have one installed for corporate apps.

3. Be wary of unsolicited calls/text messages 

The creativity and complexity of attacks tends to run one step ahead of security, so you should give additional scrutiny to any calls or messages that ask you to perform an unusual action or provide excessive information. Rule of thumb: You’ll never be asked out of the blue to provide a social security number or password by a legitimate organization.

Published October 2020

© Copyright 2020. The views expressed herein are those of the author(s) and not necessarily the views of FTI Consulting, Inc., its management, its subsidiaries, its affiliates, or its other professionals. FTI Consulting, Inc., including its subsidiaries and affiliates, is a consulting firm and is not a certified public accounting firm or a law firm.

About The Authors

David Dunn
Managing Director, Cybersecurity
Forensic & Litigation Consulting
FTI Consulting

Jonathan Snyder
Senior Director, Cybersecurity
Forensic & Litigating Consulting
FTI Consulting

Share This

Related Articles

Latest Articles

Related Articles

Latest Articles

It looks like you're enjoying this article. If you'd like to receive email updates from the FTI Journal, please consider subscribing.
The views expressed in this article(s) are those of the author and not necessarily those of FTI Consulting, Inc., or its professionals.
©Copyright, FTI Consulting, Inc., 2012. All rights reserved.