used with permission from Norton by Symantec
by Nadia Kovacs
Every year, like clockwork, Apple releases a new phone and a new iOS for all existing iPhones. This year, we welcomed iOS 12. This is a time of great excitement for iPhone users — new operating systems mean new features, gizmos, apps, and more.
With all these new enhancements, it’s important to keep in mind that these new features may help or hinder your security and privacy.
We took a look at the new iOS and compiled some tips and tricks to help secure your device, your data, and your password usage.
1. Turn on USB Restricted Mode
USB Restricted Mode is a newer feature on iOS that you may not know about yet. This security feature prevents USB accessories that plug into the device from making data connections with an iPhone, iPad, or iPod. This helps prevent what is called “juice jacking,” which is when malware can be installed onto a device or information can be stolen via the USB charging port.
How to turn on USB Restricted Mode:
Settings > Touch ID & Passcode > type in your passcode. Scroll down and ensure that the “USB Accessories are not permitted on the lock screen” setting is off. (On an iPhone X, check your Face ID settings instead.)
2. Make sure automatic iOS updates are turned on
Updating apps and operating systems is crucial to the security of your device. Not only do they add nifty new updates, they also address what is called a software vulnerability. A software vulnerability is a security hole, or weakness, in an operating system or software program.
Hackers can exploit these weaknesses by writing code to target a specific vulnerability. These exploits could infect your computer with no action on your part other than viewing a website, opening a compromised message, or playing infected media.
How to check if automatic updates are turned on:
Settings > General > Software Update and turn on automatic updates.
3. Enable Find My iPhone
Find my iPhone is Apple’s built-in tracking software. It uses GPS to locate a lost or stolen phone. In addition to helping find a phone, it also has other built-in security features such as Activation Lock, which will prevent anyone else from using your iPhone. To gain access, it requires the user’s Apple ID and password. Without this information, someone can’t turn off the Find My iPhone feature, erase your device, or reactivate and use your device.
How to enable the Find My iPhone feature:
Settings > User Name > iCloud. Scroll to the bottom and tap Find My iPhone. Slide to turn on Find My iPhone and Send Last Location. If you’re asked to sign in, enter your Apple ID.
4. Disable lock screen options
The iPhone’s lock screen has what are called “widgets” that allow quick access to some features such as your camera, wallet, and Wi-Fi and Bluetooth connections. While they don’t allow a user full access to the phone, someone can still swipe some personal information with those features.
How to disable lock screen:
Settings > Control Center, and toggle off which widgets you don’t want accessed in the lock screen.
5. Use a VPN on public Wi-Fi
A virtual private network gives you a private and secure way to connect to the internet wherever you use it. It creates a secure, encrypted connection between your public internet connection and the VPN service’s private server. A VPN acts as a sort of tunnel, encrypting the data you transmit and receive while on public Wi-Fi, such as at a coffee shop or airport.
6. Use additional encryption when backing up
Your sensitive data is on your phone. Not only do you want to keep a copy of it, you’ll also want to help protect that data. When backing up your Apple devices, it’s best to connect to your computer and use iTunes. Make sure iTunes is set up to encrypt those backups. By doing so, this encrypts your data, and you can create a separate password.
How to use additional encryption when backing up Apple devices
Open iTunes when you connect your device to your computer. Select your device in the iTunes drop-down menu. In the Backups section, check the box for “Encrypt iPhone Backup.” You will then be asked to create a password.
7. Monitor privacy settings periodically
Sometimes we install apps that are used for a short time and then end up just sitting there taking up space on your phone. You may want to perform an audit of those apps because they could also pose a security risk on your phone. Unwanted apps could drain your battery and slow down your device. Sometimes the privacy policies in apps change. This could pose a privacy concern unless you read the fine print carefully.
How to monitor privacy settings:
Settings > Privacy. Here resides the master list of all permissions, along with which apps you’ve granted them to. Go through all of them periodically and revoke any permissions that you don’t think a particular app needs.
8. Set a stronger device passcode
By default, the iPhone has a four-character numeric passcode. Did you know that now you can change that and use alphanumeric passwords on your phone?
How to set a stronger device passcode:
Settings > Touch ID & Passcode and enter your passcode > select set a Custom Numeric Code.
9. Set up two-factor authentication
Two-factor authentication — also known as 2FA — is a method of verifying your identity that adds a second form of authentication in addition to your account password. It consists of two of the following three things:
Something you know: a PIN, password, or pattern.
Something you have: an ATM or credit card, mobile phone, or security token such as a key fob or USB token.
Something you are: biometric authentication such as a voiceprint or fingerprint.
How to set up 2FA:
Settings > tap your name > Password & Security. Tap “Turn on Two-Factor Authentication” and follow the prompts.
10. Use Touch ID or Face ID
In addition to a strong passcode, you can add another layer of protection by enabling both Touch ID and Face ID, if available.
How to set up Touch ID or Face ID:Settings > Face ID & Passcode. If asked, enter your passcode.
Tap “Set Up Face ID,” then follow the on-screen instructions.
Settings > Touch ID & Passcode, then enter your passcode. Then follow the on-screen instructions.
11. Make sure your iPhone screen locks quickly
The most secure option is to set Require Passcode to Immediately, which will require you or anyone who picks up your phone to enter your passcode no matter how long ago you last unlocked your phone.
How to set up Auto-Lock:
Settings > General button > Auto-Lock
12. Change your reused passwords
iOS 12’s password manager has a new feature: password auditing. One of the main difficulties with passwords is trying to select unique passwords for each and every account we use. Unfortunately, that rule is not always followed, and Apple’s new password auditing feature helps to make managing all your unique passwords much easier. This feature will audit your stored passwords and let you know if you have any duplicates.
How to change your reused passwords:
Settings > Passwords & Accounts > Website & App Passwords and enter your passcode. You’ll see a small warning symbol next to each account that recognizes a reused password. Just tap on the Change Password on Website button and you’re done.