Topics Covered Below:
Install Updates for Applications and the iPhone OS When Available
Enable “Find My iPhone”
Configure Email to use SSL
Do Not Jailbreak the iPhone
Install Updates for Applications and the iPhone OS When Available
An update fixes a known vulnerability that criminals could use against your phone. Download and install updates when they become available. Periodically check for application updates through iTunes and your phones application manager.
Enable Find My iPhone
Find My iPhone, a built-in application of the iPhone version 5.1 and iCloud services uses the phone GPS to map its location for display on the web. If you have lost or had your phone stolen the application will allow you to pinpoint the phones location, lock, send a message / play a sound, or wipe the phone remotely.
Note: if you remotely wipe the phone you will lose the ability to find its location.
If your phone is stolen please go to the police, do not attempt to retrieve your phone.
Link: How to setup Find my Phone
Reduce location-sharing
Many applications such as Facebook will ask or your current GPS location to update your profile wherever you travel. Criminals could use this data to determine when you are not at home and take that opportunity to steal your possessions. Your location updates could also be used by stalkers and other types of harassment.
Limit the number of applications has access to your current location and do not allow constant updates of your location to the internet.
Enable Ask to Join Wi-Fi
Enabling “Ask to Join” will prevent the iPhone from connecting to unsecured networks. Connecting to unsecured networks could potentially allow criminals to view your internet traffic and steal your account passwords and other sensitive information.
Encrypt any sensitive data such as passwords and files
Encryption is the only real way to prevent someone from looking at your data from a stolen or lost phone. First, remove any sensitive data on your phone that you do not need. Next, use encryption applications to fully secure the remaining data on the phone.
Link: Here is some more information about iPhone encryption
Configure Email to use SSL
SSL is used to encrypt your username, password, and email to and from your email server. iPhone users should turn on SSL if their email provider support it to ensure their information remains private from others on a wireless network or over the internet.
Link: Information on how to set up SSL on the iPhone.
Do Not Jailbreak the iPhone
Jail breaking the iPhone opens up functionality, new configuration options, and software that many may find beneficial. Unfortunately there are many downsides to the process as well. The jail broken apps have not been approved by Apple and may contain malware and other bugs that negatively affect the phone. Jail broken phones will not receive the latest updates to the iPhone system at the same time as the rest of the community resulting in unfixed security or network bugs. Finally jail breaking voids the phones warranty and has the potential to “brick” or make the phone unusable, leaving you with an expensive paperweight.
NU IT Security recommend the average user should not jail break their iPhone.
