Hvordan sikre mobiler og nettbrett slik at informasjon og data ikke havner hos uvedkommende. Veiledning, råd og støtte for informasjonssikkerhet på mobile enheter. 

Norsk versjon - Sikkerhet på mobile enheter

Topic page: Informasjonssikkerhet | IT-hjelp | Pages labeled Digital Sikkerhet

Checklist

Review the list below to see that you are following best practices to safeguard information security on your mobile device.

• Use a minimum 6-character PIN. Preferably a password.
• Turn on auto-update
• Avoid using unknown wireless networks, use 4G.
• Turn on device encryption, including memory card
• Do not install any apps you come across. They steal both personal information and battery
• Enable remote wipe possibility
• Notify if you lose or your mobile device is stolen
• Do not use unknown chargers / charging cables
• Backup and delete data if your device are sent to repair
• Use VPN to establish a secure connection when needed

Use a minimum 6-character PIN. Preferably a password.

Most devices today come with standard minimum 6 character requirements. Advanced biometric methods do not help if you have a simple 4-character PIN. For additional security you can choose to set a password and not only six figures.

Guides (external links):

Apple devices

Android devices

Turn on auto-update

One of the most important things you can do is to keep your device up to date at all times. To do this, turn on auto-update.

Avoid using unknown wireless networks, use 4G.

Wireless networks are not secure. Anyone can set up a wireless network with the same SSID that already exists in a business or cafe. Those who manage that network can choose to store and / or analyze all traffic from your mobile device. Therefore, it is a good idea to use the mobile network or only wireless networks you know and trust. If you need to use an unknown wireless network, be sure to enable VPN. You can read more about it further down in the article.

Turn on device encryption, including memory card

All new mobile devices now have device encryption by default. Based on figures from our systems, we see that many do not have new mobile devices. It is therefore advisable to check if the device has encryption enabled. It is not an easy task to create a guide that covers all devices. You can do a web search based on the device you have. For example: "how to encrypt Samsung s8"

Do not install any apps you come across. They steal both personal information and battery

Don't install apps you don't need. Many apps transfer large amounts of information from your mobile device. This is stored with the supplier and in many cases they share or resell it.

Enable remote wipe possibility

Remote wipe is a feature that clears a mobile device of all content, and is strongly recomended if you lose or get your device stolen. NTNU's e-mail and calendar solution, Exchange, has functionality that supports remote deletion.

You can enable remote deletion of your mobile devices from NTNU's webmail

Most smartphones also have their own apps for remote locking and deleting. In addition, some of these may provide information about the device's geographic location and the ability to send messages that will appear on the screen even if the device is locked. This can be important information for finding a lost or stolen device.

Notify if you lose or your mobile device is stolen

Block your subscription so no one else can call on your (or NTNU's) bill.

• Remotely delete the content
• Change your NTNU account password. If you are absolutely sure that you have never used the device against NTNU's network or any of NTNU's services, this can be omitted. If in doubt, change your password.
• If the unit and / or subscription belongs to NTNU, you must notify your superior.

If you suspect that the device has been stolen, you should report the relationship to the police and block the device for further use. Then it will not be able to be used in the telecommunications network, even with a new SIM card and a new subscription. This can be done with the police. You will then need the IMEI number, which is the identity of the device itself. The IMEI number is on the box and usually under the battery. You should write down this number. You can also often get it from your operator.

Do not use unknown chargers / charging cables

Your phone's charging cable doesn't just contain wires. The cable is a smart little thing, there are fake cables out there that can be used to infect devices. Some places also offer the possibility of charging devices from a USB connector in the wall. Don't use it! There may be a PC at the other end and you will not only get power.

Bring your own charger and cord!

Backup and delete data if your device are sent to repair

It is possible to back up the content when you synchronize a mobile device with a computer or our provider's services. This allows you to easily recover the content if it is remotely deleted or deleted after too many login attempts with the wrong password.

When switching or upgrading a phone from the same manufacturer, you can back up the contents of the old phone. You still have to check if this is possible when you get a new phone.

Use VPN to establish a secure connection when needed

Think twice before transferring data from NTNU to your device. What value does data have? Can data cause harm to yourself or others if it goes astray?

If you are uncertain, do not transfer data. If you consider it necessary then you can use VPN to secure the transmission and make sure the device is encrypted. The same applies to the memory card.

Read more about this here - Install VPN

Contact

Orakel Support Services can help if you have questions or if you encounter difficulties.