Protect your privacy; put a PIN on your smartphone

Your smartphone has become a doorway into the private side of your life. Like any door that guards your privacy, it needs a lock.

To lock your device, all you need to do is to create a personal identification number or passcode for your phone--and tablet, if you have one. You should also set your device to lock automatically after no more than 20 minutes of inactivity.

Taking these steps will protect your data if the phone is lost, stolen, or used by someone else when you are distracted.

Robert Ono, information technology security officer for UC Davis, is sponsoring a campuswide smartphone security campaign in 2012 because securing your smartphone or tablet is simply a good idea. The device likely has access to sensitive messages, financial data, and personal contacts--yours, and probably confidential data belonging to your friends, family and coworkers, too. They would not want their private information disclosed any more than you would. Moreover, using secure devices to connect to the campus network is consistent with campus policy.

"Policy aside, think of your ATM or debit card. Would you want anyone who happened to pick it up to be able to use it?" Ono said. "Even if the bank didn't require a PIN, you would almost certainly want to create one. It's much the same way with smartphones."

"In many cases, the PIN on your mobile device is also used to make data on your mobile device unreadable to unauthorized parties," he said.

According to an informal survey by security company Credant Technologies in 2009, about 60 percent of smartphone owners use PINs.

"At UC Davis, we'd like it to be 100 percent," Ono said.

The mobile device security page created by Information and Educational Technology lists several additional steps to secure your device:

  • Keep t he firmware or operating system current.
  • Back up data on the device, to be sure it can be recovered.
  • Turn off services, such as Wi-Fi, Bluetooth and virtual private networks, when you are not using them.
  • Encrypt sensitive data. Use the encryption feature on the smartphone, or use a reputable encryption app.
  • Label the device with minimal contact information, such as an email address or office phone number, and if you lose it, report the loss.

Read more, including links to information on how to make these changes, at security.ucdavis.edu/mobilesecurity.cfm.

The campaign will include posters, outreach at events, and handouts, among other communications.