The “General” settings tab in iOS contains many settins that impact security and privacy. This post will explore the iOS 10 General settings. It will also cover Display & Brightness settings which contains one step that is crucial to security, so please read all the way to the bottom.
iOS 10 General Settings
About: This section contains information specific to your device, the first bit of which is the phone’s name. I choose a generic name like “iPhone” or “My Device” to reduce the data that is leaked about me. When Bluetooth or Personal Hotspot are enabled the phone broadcasts this name, so make it as indistinct as possible, or use this as an opportunity to create disinformation about yourself by using a false name or other misleading information. By tapping “Name” you can change your device’s name.The About page contains, among other things, your device’s serial and IMEI (International Mobile Station Equipment Identity) numbers. Both of these numbers could be useful in reporting your device lost or stolen so that it cannot be resold. You should screenshot this page by pressing the Home and Power buttons simultaneously and store the screenshot in a secure location for use in the event your device is lost or stolen.
Software Update: This will verify that the phone’s operating system is up-to-date. If it is not you will be prompted to download and install the latest version of iOS. If you have learned of an update but have not been prompted to install it, use this to manually check for it. Keep your phone’s operating system up-to-date! Software updates patch known, publicized vulnerabilities. Using an outdated operating system exposes you to these vulnerabilities.
Carrier Updates: Though the phone has no setting dedicated to carrier updates, occasionally your wireless service provider will issue an update. These updates should be installed as they generally optimize the device for the carrier’s network and updated frequency settings, etc. Though some carrier settings are mandatory (and installed without your consent) you will be alerted to most with an Alert notification.
Spotlight Search: Spotlight Search allows you to search the files and applications on your phone from the search bar. Searches conducted through Spotlight Search are sent to Apple, and thus might be a privacy concern. However, users have very granular control over the applications that Spotlight Search can access.
Handoff and Suggested Apps: Enabling either of these options also allows information about your usage to be sent to Apple. I recommend completely disabling both of them. Handoff allows you to sync apps across multiple devices, and using this is at individual discretion, but the information from one device must be transmitted via the internet in order to be available to another. Suggested Apps recommends applications based on your location. By necessity this must track your physical location which creates another set of metadata about your movements.
CarPlay: CarPlay allows your iOS device to integrate seamlessly with your car’s entertainment system. When you enable CarPlay the device will begin to search for a car connection. First, it will give you the option to enable CarPlay via Bluetooth or USB. I recommend using a USB connection. If you use Bluetooth, remember to turn it off when you exit your vehicle.
Background App Refresh: This menu allows you to limit applications that can access the phone’s content even when they are closed. By default some applications may be able report your location or other data even when they are closed. I recommend carefully considering each application that you allow to refresh in the background.
Restrictions: Restrictions allow you to turn off certain functions of the device, such as the camera, Siri, FaceTime, etc. This section of settings is intended to allow you to limit or completely restrict access to certain functions for children or employees. However, these settings may be used for security purposes. If you enable Restrictions you will be prompted to create a restrictions passcode. If you wish to disable a function to completely ensure that it is not re-enabled, either inadvertently or during a software update, you can disable it in restrictions. I use restrictions to disable some functions that I will NEVER enable and do not want inadvertenly enabled. These include Siri & Dictation, Share My Location, and Game Center Settings.
VPN: This is the setting to which you will go when manually installing a Virtual Private Network. VPNs are a very important part of the security of data-in-motion and will be discussed in more detail in a future post.
Reset: Reset allows you to reset certain functions in the device to the factory default. Several of these settings impact security. The first is Reset Network Connections which will remove all Wi-Fi networks and VPNs from the device (I will discuss why you might want to do this in a future post). The other is Erase All Content and Settings which erases all your device’s content and restores the settings to factory default. This is an important step before selling or donating a used device. Using this function will require you to enter both your phone’s passcode and Apple ID password. Reset Keyboard Dictionary will remove all of your custom words that the device has “learned”. If you have frequently used a password or other sensitive information that is now in the dictionary you should consider resetting the dictionary.
Display & Brightness
Settings//Display & Brightness
Auto-Lock: Auto-Lock controls the amount of time your phone’s screen is inactive before the device locks. These times range from 30 seconds to five minutes, and advance in one-minute increments (there is also a “Never” option. It should never be used). Shorter times are more secure. Longer times are less secure and consume more battery life in keeping your screen awake and powered.
RECOMMENDATION: Set Auto-Lock to no more than 1 Minute.