Smartphones have grown in popularity, and now it seems no-one can do their job properly without one.

However, keeping malware off your handset is one of the biggest headaches for smartphone users.

We spoke to five experts to get their top tips for securing mobile phones.

Joe Brown, information systems security engineer, CISSP, McAfee

  1. There are antivirus packages available for most smartphones, so if you're really worried then invest in one.
  2. Alternatively, just apply the same basic common sense security you use when surfing the web to using your mobile phone.
  3. If you don't recognise the sender, or there is a suspicious attachment, don't open it.
  4. Also, be careful where you surf. Some web proxies do support mobile devices.
  5. Bluetooth is evil! Control your bluetooth footprint. With iPhone, Android and BlackBerry there are now products that can control the ability to add applications (think white listing or common operating environments).

Derek Schatz, senior security architect for a company in California


  1. Only deploy devices that can support key features like encryption, remote wipe, and password locking.
  2. Create specific security policy and procedure items for mobile devices that govern acceptable use, responsibilities (e.g. what to do if device is lost or stolen), etc.
  3. Monitor security vulnerability tracking feeds for new attacks on mobile devices.
  4. Ensure devices in the field can be updated quickly to fix security issues.


  1. Assume smart phones should only be given to senior management. Many staff-level positions can become much more productive with these tools.
  2. Deploy devices for enterprise use without proper protections and control. The loss of proprietary information can be very costly to the business.

NEXT PAGE: More smartphone security dos and don'ts

  1. The dos and don't you need to follow
  2. More smartphone security dos and don'ts
  3. Thoughts from SMobile Systems
  4. Thoughts from Yinal Ozkan at Integralis