My company recently completed some work for the UK Police about giving some basic guidance on mobile phone security. It seemed to them (and to us) that there is a gap between the daily deluge from the media of new threats to mobile users and understanding the real situation (which is often highly technical). What this often means is that users are just completely forgotten in a sea of meaningless rhetoric. People using phones inevitably then do the wrong thing. We also found that the organisations setting policies also want to give basic advice to people about how they use their phones in their daily lives.
We wrote quite a long whitepaper (which will soon be available as a booklet) but with the help of the excellent team at Beyond Design, we decided to also create a leaflet that was easy to understand and which would capture the main points easily. After all, what we’re looking for is for people to remember and adopt the advice we’re giving out. The advice covers things like:
- Personal safety
- Lost and stolen devices
- Using the features of your device securely
- The types of threats you need to be aware of
- Things that you can do to mitigate security issues or to help prevent them happening
We’ve had some good initial feedback and I understand a couple of universities in the UK are looking to distribute the leaflets for their students too.
|What risks are you taking?|
I’ve decided to make the leaflet freely available for download and printing – you can take the print ready version and send it to a local printers or online service and then use it for your own purposes. Just click the links below to get a copy:
I hope this is useful to people and we’d love to hear your feedback and who you’ve given the leaflets to. Drop us a line or add a comment below!
A note on giving out advice
The danger of course with doing something like this is that we a) miss something important or give bad advice and that b) the advice would be impractical and be ignored. We would hope that we have given out good advice based on our own experience, but please let us know if you really disagree with something. We acknowledge that there is a risk of b), but we also acknowledge that giving people nothing and just leaving them to fend for themselves is ultimately worse. Everything we do from a security perspective in our personal lives is about risk management decisions (or risk avoidance). Just as not every alley is going to have some guy lurking down it waiting to rob you, not every open WiFi connection you connect to is going to be compromised. It’s good to be at least ‘aware’ of the risks though.