How to use your iPad Pro as a laptop replacement (Part 7)

Lock it down: The iPad security guide for people using an iPad as a laptop replacement

Apple, iOS, iPad, security

If you’re using your iPad Pro as a laptop replacement, then it is reasonable to imagine you travel with the device. If you do, then you simply must ensure you put every form of protection you can in place to protect the valuable data on your Apple tablet.

Protection at the edge

I can’t stress enough how important it is to secure your devices — try searching Twitter for iPad security, and see how many people accidentally leave their devices on trains and planes, not to mention the risk of theft.

You absolutely do not want to make it easy for others to access your personal information of confidential data simply because your iPad is left insecure.

(If you are using a work-issued device, then you may want to discuss additional security protections with your support staff first, in order to stay within enterprise security policies.)

Read the complete series

  1. Part One: iPad Equipment
  2. Part Two: Keyboard, Typing, Shortcuts, and Dictation tips
  3. Part Three:How to multitask on iPad Pro
  4. Part Four: How to use Apple’s Files app and tags
  5. Part Five: Useful utilities to help you get things done
  6. Part Six: iPad productivity tips
  7. Part Seven: Keeping your iPad secure

You should make sure to install Apple’s regularly published Software Updates when they appear, as they help make the platform significantly more secure than competitors.

Disable Face or Touch ID

You can choose which services you can access with Face or Touch ID and which ones you limit.

  • Open Settings>Face ID & Passcode.
  • Enter your passcode.
  • Now you can disable these for unlocking your iPad, using iTunes & App Store, Apple Pay and Password Autofill.

Why would you do this? Many travelers disable the unlock feature when making a journey in order to make it harder for officials to look inside their iPad.

Get wise about Wi-Fi

Hackers can use off-the-shelf tools available on the Dark Web for a few dollars to steal passcodes and other confidential data sent using Wi-Fi networks.

That’s just one of the reasons public Wi-Fi networks are not as secure as closed Wi-Fi networks. The smart-looking person in the coffee shop working on their computer may be using these tools to steal bank account details, access codes for confidential corporate sites, or just run man-in-the-middle attacks in an attempt to trick you into installing malware.

Within this, here’s how to use public Wi-Fi:

  • Public Wi-Fi is never secure, so never access secure services.
  • Always check the network name with staff – it’s not unusual for hackers to create fake networks such as CoffeeShop_FREEWIFI to trick you into using them.
  • If you need to access secure services, use 4G.
  • At the very least...

Always use VPN

When traveling, you should always use a VPN (virtual private network), as this makes it much harder for others to monitor or intercept your Internet traffic.

Your company may provide you with one of these, and you should use it. If they don’t, then be sure to reach for reputable services, as a VPN service provider will actually have access to all your traffic.

That’s a problem, as not every service claiming to offer VPN protection is transparent about who owns them or where they store your data. Simon Migliano at Top10VPN warns that over half of the most popular VPN apps available at the App Store are run by Chinese companies, for example.

I use NordVPN, while CyberGhost and ExpressVPN appear to be good fee-based options. Windscribe is Top10VPN’s recommended free VPN service, while many like to use TunnelBear.

I think that choosing a VPN service remains a little complex, and I hope to take a close look at these services in future. The bottom line? If you use your iPad for professional tasks, you should use a VPN or encourage your company to provide you with one.

Think secure

If you are using your iPad for work, then it is essential you use a strong alphanumeric passcode — you only need to enter it once in order to activate Face or Touch ID for most use. You may already have a passcode set, but you can create a stronger alphanumeric one:

  • Open Settings>Face ID & Passcode.
  • You’ll be asked to enter your passcode.
  • Scroll down to Change Passcode.
  • Enter your passcode again.
  • Choose Passcode Options.
  • And then choose Custom Alphanumeric Code.

You can make these as long and convoluted as you like. A six-character code consisting of both letters and numbers provides much better protection than the standard four-character code without being too much of a chore to type.

NB: You should also review the passcode you use for your Apple ID. If it’s not alphanumeric or complex, or is the name of your dog, cat or Kanye, change it.

There is one exception — if your organization provides you with an iPad Pro, as well as the Apple ID password so you can install or purchase apps, you should not change the security questions IT has already created for you, as this will brick your device. If in doubt, speak to support.

Allow Access When Locked

Now that you’re in Face ID & Passcode, it makes sense to exercise some of your other security options. (I’m going to assume you wish to continue using Face ID, but some enterprises may insist you turn this off.)

The Allow Access When Locked section provides a bunch of useful ways to solidify security on your device, not least by enabling you to control what is visible on the iPad lock screen. I suggest disabling all these items for maximum protection. This prevents any confidential information from appearing on a locked iPad screen.

While I concede there’s a little risk, I tend to keep Notification Centre and Control Centre active myself, but I do severely limit the apps that are capable of sending me Notifications when the device is locked.

You should certainly disable the USB Accessories toggle, as doing so requires the passcode to connect USB accessories, including those black box iOS access devices some criminals may use.

Erase Data

You shouldn’t stop there — there’s a profitable industry in attempting to crack the security of Apple devices, so do ensure to activate additional protection. In this case, open Face/Touch ID & Passcode and ensure the Erase Data option is on (Toggle to green). This will erase all the data on your iPad after 10 failed passcode attempts.

Find My iPad

Apple’s Find My iPad system works with your Apple ID to give you a chance to find a lost device. You should enable this in Settings>Your Name>iCloud>Find My iPad, where you should toggle it to on (green). I recommend you also enable the Send Last Location feature you’ll find on the same page, as doing so means the device will automatically send you its location as battery power gets critically low.

The system isn’t foolproof.

Thieves have learned to switch stolen iOS devices off while they find someone to reset the device (though the new USB Accessories protection makes it much harder to do that).

Despite those limitations, once this protection is enabled, you may be able to find your lost iPad via iCloud — just log in to your Apple ID from any browser, and choose Find My iPhone or use the app of the same name on another device.

Stop a thief

There’s a way to make it a little harder for a person who has hold of your iPad to turn off Find My iPad.

  • Open Settings>Screen Time>Content & Privacy Restrictions.
  • Tap Location Services.
  • In the next pane tap Location Services and choose Don’t Allow Changes.

This will lock the settings for use of all Location services, including Find My iPad.

  • Back in Screen Time, choose Use Screen Time Passcode and create a new 4-digit passcode.

In order to disable Find My iPad, an attacker will now need to also figure out your new Screen Time passcode. The only snag being that this set of changes will prevent new apps from using location services. This may not matter to you, but this tip will be of no use if it does.

What apps on your device do you permit to access your location data? Find out in Privacy>Location Services where you can revoke access to any apps you don’t entirely trust.

You should use two-factor authentication

Two-factor authentication (2FA) adds another level of security to any attempts to login to your Apple ID. When you have it in place, you will be required to enter a special code to access your account from a trusted device.

To enable the feature, open Password & Security in Settings and turn on two-factor authentication. You will also be asked to enter a Trusted Phone Number here — this will be used to receive verification codes by text message or automated phone call.

Apple has made this much easier to use in iOS 12. The OS now automatically recognizes and can use a 2FA code once it is received.

Safer Safari

Apple has moved to prevent some of the more egregious data mining and surveillance tools used to monitor what you do online in iOS 12, but here are a few more suggestions to make your browsing safer:

Change your search engine to DuckDuckGo in Settings>Safari>Search Engine, because the search engine doesn’t collect information about you.

In Settings>Safari ensure all your Privacy & Security settings are enabled, and always surf in Private Mode. These include:

Prevent Cross-Site Tracking: This tries to stop websites tracking you.

Block All Cookies: Some enterprise web services you use may require you to enable cookies, but you should remember to switch them off again once you’re done.

Ask Websites Not to Track Me: This tries to stop websites tracking you.

Fraudulent Website Warning: This provides useful protection against Spoof websites.

Camera & Microphone Access: Turn this off to prevent sites from accessing these, and you will have to give manual permission for them to use these features.

Check for Apple Pay: Keep this active if you want to be able to pay for items using Apple Pay. Switch this off if you want to prevent others from using this feature if they get inside your iPad.

Audit your passwords

I think more and more people are becoming aware of the importance of using unique passcodes for everything they do online.

Password managers, including Apple’s Keychain, 1 Password and Dashlane make it much easier to manage all these passwords, but many users may still have some legacy passwords that are the same. Apple has also made it much easier to audit existing passwords in iOS 12.

  • Open Settings>Passwords & Accounts
  • Open Website & App Passwords
  • When you look down your list of passwords, you may see a warning triangle beside the service name. This indicates a password used across two or more services.
  • Click that item, and you will see a little information concerning where else you have used the code, and a feature called Change Password on Website.
  • Tap this, and Apple will open the site in Safari. You should then use that site’s tools to change your password to something unique.

I do hope this short guide helps you secure your iPad. I’d actually argue that security is one of the great strengths of using an iPad instead of a laptop — and that’s even stronger with these tips.

Please follow me on Twitter, and join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.

Copyright © 2018 IDG Communications, Inc.

It’s time to break the ChatGPT habit
Shop Tech Products at Amazon