Strong and stable: The iOS security guide

Apple’s smartphones are highly secure, but if your private or enterprise data matters to you, it’s essential to ensure your iPhone (or iPad) is as secure as possible.

1 2 Page 2
Page 2 of 2

Find My iPhone

Speaking of lost iPhones, you should absolutely ensure you enable Apple’s Find My iPhone (Settings>iCloud>Find My iPhone) on all your devices. Make sure you also enable Send Last Location, when you do your device will try to let you know where it was when its battery life expired. Here are Apple’s detailed support pages for using this sometimes life-saving feature.

Location protection

Apple’s mobile devices automatically gather information about where you are. That’s useful sometimes – particularly if you want information about what’s around you and so on, but can be less useful if you want to keep your journey’s confidential.

You control this in Settings>Privacy>Location Services>System Services and then Significant Locations, which you must turn off. You can erase data that may already have been gathered by tapping the Clear History button.

You can also control which of Apple’s system services are tracking your location by taking a look at Settings>Privacy>Location Services>System Services. Here you can review apps that use your data and disable the ones you don’t use, but don’t disable Find My iPhone.

More location

There are so many apps that want your location data even when you aren’t using them. You can review and manage these permissions in Settings>Privacy>Location Services, where you can assign Never, While using the App, and Always privileges to each app.

Limiting access to this data may limit what the apps can do, but you are allowed to control what you share.

Control data

To many apps seem to want access to your personal data, including email, contacts, and more. It makes sense to review which apps are demanding this information every few months – they ask permission on first run, but you can review how much access you are providing in Settings>Privacy.

Payment controls

If you don’t require authorization when making purchases using iTunes, or Apple Pay online, or elsewhere in your iOS system how exactly do you think you’ll stay protected if someone gets inside your iPhone? Protect yourself by choosing Always Require when a payment dialog appears.

Who is reading?

It may make sense to delete Messages frequently. To do so, open Settings>Messages, open the Keep Messages section and set this to 30-days. Now if you lose your device and someone gets into it they will only be able to read messages shared in the last few weeks.

Control the Lock screen

Being able to see previews of messages, notifications and emails on screen can be useful – but do you really want these communications to be an open book? Apple has been very smart with the iPhone X, which won’t show these previews on your phone unless you are looking at it, but on earlier devices you control this behaviour like this:

Settings>Notifications>Messages and Mail. Maximize privacy by disabling Show Previews so your communications won’t appear on the lock screen.

You can adjust what is read from each application you have notifications enabled for on this screen.

Develop good browser habits

Change your search engine to DuckDuckGo in Settings>Safari>Search Engine, because the search engine doesn’t collect information about you.

In Settings>Safari ensure all your Privacy & Security settings are enabled:

  • Prevent Cross-Site Tracking: On
  • Block all Cookies: On
  • Ask Websites not to track: On
  • Fraudulent Website Warning: On
  • Camera & Microphone Access: Off (unless you use it in Safari. Some services may not work so switch this on when you need to use them).
  • Check for Apple Pay: Off (unless you use it)
  • Some users may want to switch off Autofill in Safari Settings > Safari > AutoFil.l

Control the ads

In Privacy Settings (Privacy>Advertising) you can toggle Limit Ad Tracking to opt out of receiving targeted ads. The ads you see won’t be creepily relevant and ads networks will be less capable of gathering all the information about you that you never wanted them to have.

You should then tap the Reset Advertising Identifier tool to anonymize yourself.

Finally, turn off geolocation advertising in Settings>Privacy>Location Services>System Services>Location-based Apple ads (toggle to off).

I also recommend you limit your use of Google services. Your data is their business. You are the product.

Use a VPN

All your internet traffic goes through servers, and traffic going through servers can be monitored. You can protect what you do online by using a Virtual Private Network (VPN). When you use a VPN all your online activity is securely encrypted, making it much harder to monitor. Use a VPN to protect all your online activity. I like Nord VPN.

Do you use the SIM code?

You can set your iPhone up to require a SIM code. Whenever your iOS device restarts or the SIM card is removed the card will automatically lock and will remain locked until you enter the relevant SIM code.

This is an excellent extra wall of protection, but it’s no use at all if you don’t know or forget the code. Please follow Apple’s advice on this as contained in this tech support note.

Apple warns: “Don't try to guess your SIM PIN. The wrong guess can permanently lock your SIM card, which means that you would need a new SIM card.”

Handing it on

When it comes time to recycle, sell, or otherwise pass on your iOS device you will need to take a few steps to secure the data held there.

The main things you should do is sign out of iCloud and Apple Pay on the device, and then choose Settings>General>Reset>Erase All Content and Settings. This also extends to purchasing a second-hand device – if you are asked for an Apple ID then it is likely still linked to someone else’s account, so don’t buy the device as it’s possibly been stolen.

More about iOS security

Apple has a detailed and extensive white paper documenting how it sees security on iOS. This extensive document is available here.

What iOS security protections do you use? Please let me know via social media.

Google+? If you use social media and happen to be a Google+ user, why not join AppleHolic's Kool Aid Corner community and get involved with the conversation as we pursue the spirit of the New Model Apple?

Got a story? Please drop me a line via Twitter and let me know. I'd like it if you chose to follow me there so I can let you know about new articles I publish and reports I find.

Copyright © 2017 IDG Communications, Inc.

1 2 Page 2
Page 2 of 2
It’s time to break the ChatGPT habit
Shop Tech Products at Amazon