How To

Top 9 iPhone Security Tips

Posted on July 2nd, 2013 by

iPhone security tips

Holding its own among the most sought-after handheld devices available is the iPhone. The wide variety of apps enabling users to do just about anything is one of the main reasons behind the product’s success. Unfortunately, the iPhone’s popularity combined with users’ tendency to download so many apps makes it an irresistible target for data thieves and malware developers.

Whether or not you realize it, iPhones store a great deal of personal information about the user including browsing history, browser queries, map queries and even GPS data. All of this data is at risk if the proper security measures aren’t in place, and the sensitivity of this data increases tenfold if you use your iPhone to pay bills, purchase items, or manage finances.

Taking a proactive stance and setting up an iPhone to run securely is a critical step to peace of mind. The following are just a few of the measures you can take to ensure your iPhone is secure. For a deeper look into iPhone security, check out the iPhone forensics course offered by the InfoSec Institute.

  1. Enable the Auto-Lock
    Let’s begin with something obvious. It goes without saying, but you should always enable the auto-lock feature on your phone. You’d be surprised at the number of people who forget to do this! Should you realize your phone is suddenly in the physical possession of a third party, a lock screen is an essential first line of defense. To configure this feature, tap the settings icon and select “General.” Next select the Auto-Lock button in the menu and set the time, preferably to five minutes. In addition, enable the Passcode lock option to ensure only you can access the phone once locked.
  2. Reset the Home Button on iPhone 3G/3GS
    If you have a first generation, 3G or 3GS iPhone, it is recommended you reset the home button’s function. The default setting goes directly to your favorite contacts and letting people know who is important to you is never a wise idea. Changing this is done by selecting the settings icon and selecting General. Next select Home and change this to iPod for example, rather than Phone Favorites. For those with an iPhone 4, 4S or 5, this is an unnecessary step and doesn’t have to be worried about.
  3. Change the SIM PIN
    An important measure you can take for iPhone security is changing the SIM PIN - not to be mistaken with the PIN one enters when the iPhone auto-locks. Changing the SIM PIN is simple. Tap on the settings icon, then tap on Phone, and scroll down to select SIM PIN. From there, tap on the option for ON and enter a code. Doing so prevents the SIM in your iPhone from being used in any other iPhone, therefore thwarting would-be thieves.
  4. Update Your Software
    Keeping your applications and operating system up to date is crucial for security as there are many exploits and methods that take advantage of out-of-date software. This is a security tip that applies to all areas of computing.
  5. Don't Jailbreak Your Phone
    Perhaps one of the most popular bad habits users fall into is jailbreaking their iPhone. Do not do this. Many may argue against this advice, but the reasons not to jailbreak an iPhone speak for themselves. Going against Apple is never a wise idea when it comes to the safety of your device.
    Sometimes jailbroken software is written with a backdoor included and if you are unlucky enough to download an application with one, you are giving the software, thus the creator, full control and access to your device without even realizing it. If that isn’t enough to dissuade you from jailbreaking your iPhone, maybe the fact that you will not be able to receive major updates or new releases for iOS will be. That is unless you are willing to restore your iPhone to factory settings, install the updates and jailbreak the iPhone again. But in the end is it really worth the effort? Doubtful.
  6. Don't Use Wi-Fi for Sensitive Data
    Those of us without the greatest coverage sometimes rely on Wi-Fi to do most of our heavy Internet browsing. This helps keep data usage down and generally speeds up communications. However, remember the same rules that apply to standard computers still apply to iPhones on free Wi-Fi hotspots. The information your device sends across a Wi-Fi network is not anonymous, so avoid any online banking or financial tracking until you have carrier coverage or access to a more trusted network.
  7. Check App Permission Requests Before Installing
    Before you begin installing any old app that comes your way, be sure to read the application access request for permission agreement. This often-overlooked agreement contains valuable information regarding specific permissions on how the app accesses your device. Be mindful of what the application purports to do and what it is that it actually does. Chances are a calculator application does not need access to the Internet or your personal information.
  8. Turn Off Geo-Location
    Stay anonymous and more secure by turning off your geo-location features. That said, turning off the wireless network location feature would make you less traceable to authorities in an emergency situation so choose your battles wisely.
  9. Make Regular Backups
    One final step to securing your iPhone is backing up the iPhone to your PC or Mac and encrypting those backup files. You can do so from iTunes with no special software necessary. Simply follow the steps below:

    • When the iPhone is connected to your computer it will show up on iTunes
    • Select the name of the iPhone found in the iTunes section: “Devices”
    • Then click the Summary tab located in preferences
    • Finally, click on the empty box located beside “Encrypt iPhone backups” and select “Apply”
    • When backup process is complete, remove the iPhone from iTunes

Common practices and preemptive safety precautions aside, no method is perfect. This is why it is so very important to backup your data and employ a layered approach. Take the time to create regular backups of your applications, settings, pictures, texts, videos and other important files. It cannot be stressed enough how important it is to have redundancy with storing data.

About Keatron

Keatron, one of the two lead authors of "Chained Exploits: Advanced Hacking Attacks From Start to Finish," is a Senior Instructor and Training Services Director at InfoSec Institute. Keatron is regularly engaged in training and consulting for members of the United States intelligence community, military, and federal law enforcement agencies. View all posts by Keatron →
  • Richard

    Also very important: turn off “Simple Passcode” in Settings -> General -> Passcode Lock. The default 4-digit PIN can be cracked in minutes if someone is really after your stuff. Changing this to a longer passcode will significantly increase the time needed to crack it.

    If you choose an all-digit passcode (10+ digits should be strong enough), you still get the convenient numeric keyboard instead of the QWERTY to enter it.

    • LysaMyers

      Thanks Richard, this is a great suggestion!