IT Security:
Safe Use of Mobile Devices
1. Handling phone numbers
Be cautious about sharing your mobile phone number. Verify unknown numbers before you call back and never call back any unknown service numbers
2. Measures against phone tapping
Calls via GSM (a mobile standard for voice and data transmission) are not bugproof, so it is best to avoid sharing confidential information over a mobile phone. If you need to share especially confidential information over the phone more often, you should consider buying a crypto phone.
3. Access protection
Use the keypad lock and the access code function – and remember to activate the SIM / USIM PIN. Change the default settings of the lock code and PIN and keep your login data strictly confidential. You should also change your passwords regularly, just like on your personal computer.
4. Wireless interfaces
Remember to disable any wireless interfaces – such as Wi-Fi or Bluetooth – when they are not being used. Only start a Bluetooth-connection (=pairing) to other devices in a safe environment – or use devices based on Bluetooth version 2.1 with Secure Simple Pairing.
5. Public hotspots
Be careful when using public hotspots and Wi-Fi. Avoid applications that involve confidential data, online banking for instance. Please also take care when visiting social networks and online-shops: hackers might be able to hijack a connection and take over a session from the user.
6. Keep devices within reach
Never leave mobile devices unattended in public to avoid any unauthorized access or tampering.
7. Applications (Apps)
Only install Apps from trustworthy sources. Some providers offer the possibility to check the app’s range of functions and access rights. Please ask yourself which of these access rights are really needed.
8. Security updates
Always install the latest security updates offered for the operating system and installed software you are using. Never install any software from an untrustworthy source
9. SIM card
In case you lose your mobile phone, remember to have your SIM-card locked immediately. Some providers offer a so-called “remote wipe”-feature to disable and reset the device. Tip: If you use Exchange, you can perform a remote wipe and remove any mailbox data from your mobile phone yourself. For more information, check your Exchange account under "Options” – “Phone”.
10. Sale and disposal
If you are about to sell or dispose of your mobile phone and don’t want your data to fall into the wrong hands, remember that data traces will remain if they are not physically erased by overwriting. A normal deletion is often not enough. Remember to remove and/or destroy your SIM card.
- Detailed information (in German) including brochures and posters by the Federal Officer for Information Security.
- More tips (in German) are available from the Institute for Internet Security.