Settings may vary slightly depending on the model of iPhone, iPad or iPod iOS 10.3.3 is installed on.
Apple ID, iCloud, iTunes and App Store
Password & Security: enable two-step verification.
iCloud: I turn EVERYTHING off here, except Find my iPhone / iPad. The reason it is important to keep this one feature is because Activation Lock is built into Find My iPhone / iPad using iCloud. What this means is, if your iOS device is lost or stolen, no matter if the phone is reset, wiped, jalibroken, whatever, that device can’t be used for anything unless it is accessed with the iTunes username and password it was set up with. A terrific feature to potentially deter some theft. If you do not have Find My iPhone / iPad turned on, then this feature disappears and acts like the previous iOS firmware – you can wipe the device and use it as if you bought it yourself. Next, pay special attention to Keychain – turn it off. It is a feature that allows passwords and credit cards to be store in iCloud so they can sync across all your devices. It is stated that, “Your information is encrypted and cannot be read by Apple”. Never put this kind of information into the cloud. You are risking a lot by doing so. Of course, there was the famous iCloud incident with nude celebrity photos being stolen. Look Me Up By Email shouldn’t have anything in it, but if it does, check what it is. Share My location is turned off.
Settings / Wi-Fi
If you connect often to public networks, it’s a good idea to remove those from your Wi-Fi list. You can do this by tapping the “i” icon next to the network you connected to. On the next screen, tap “Forget This Network” and then “Forget” when the pop up displays. This will keep your list clean and will reduce any chance one public Wi-Fi access point shares the same name, as hackers can spoof popular Wi-Fi names, thereby potentially allowing for your device to connect to them when you don’t know it.
Settings / Bluetooth
Turn this off when not in use. It has been proven that always on bluetooth can be manipulated.
Settings / VPN
If you are on public WiFi and / or are performing some sensitive interactions on your device, getting a VPN service installed on the device is a best practice.
Settings / Control Center
Turn off Access on Lock Screen because there continues to be various hacks that utilize this feature to be able to access many things on an iOS device without needing a password to get into the device.
Settings / General / About / Certificate Trust Settings
There isn’t anything that you can do here, but you will see a very long number which according to the link below the number, this number is used for establishing trusted root certificates that is used by other certificates signed by the trusted roots. Confusing huh?
Settings / General / Spotlight Search
There is controversy on this setting. I turned off Siri Suggestions, Suggestions in Search and Suggestions in Look Up. Here is Apple’s technical answer on this feature: to make suggestions more relevant to users, Spotlight Suggestions includes user context and search feedback with search query requests sent to Apple. Context sent with search requests provides Apple with: i) the device’s approximate location; ii) the device type (e.g., iPhone, iPad, or iPod); iii) the client app, which is either Spotlight or Safari; iv) the device’s default language and region settings; v) the three most recently used apps on the device; and vi) an anonymous session ID. All communication with the server is encrypted via HTTPS.
Settings / General / Handoff
I turn this off as it requires an iCloud account to be active to use it. A really cool feature, but due to the insecurity of iCloud, I don’t trust it.
Settings / General / Reset
Use this when it is time to give / sell your iOS device to someone else. It is the most secure way by default to protect your data.
Settings / Siri
I turn Siri off as it is another security issue, due to Apple retaining voice commands for around two years. Apple claims the data is anonymized, but who knows.
Settings / Touch ID & Passcode
This should be self explanatory by having it on. On an iPhone 6 / 6+ or newer, use Touch ID for iPhone Unlock, Apple Pay, iTunes & App Store. For fingerprints, I recommend only one because more than one makes it that much easier for someone to get into your device. I require passcode immediately. I turned off Voice Dial, Today View, Notifications View, Siri (you will not see this option if you turn off Siri in General settings), Reply with Message, Home Control and Wallet. Finally, I turned on Erase Data so that after 10 failed passcode attempts, all my data is erased.
Settings / Privacy / Location Services
The first one I turn off is the Camera app as I don’t want geotagging capabilities attached to any pictures I take. There are a lot of other apps listed here you will need to check individually and ask yourself if location services really need to be turned on for that particular app.
Settings / Privacy / Location Services / Share My Location
I don’t think I need to explain why this should be turned off, but this feature allows you to share your location with family and friends in Messages and Find My Friends.
Settings / Privacy / Location Services / System Services
I turn off Location-Based Alerts, Location-Based Apple Ads, Location Based Suggestions, Share My Location, Wi-Fi Networking, Frequent Locations, iPhone Analytics, Popular Near Me.
Settings / Privacy / Microphone
This feature is turned off because I don’t need to use voice searching, but more importantly, I don’t need my voice added to Siri’s servers or used by a hacker to listen in on my conversations.
Settings / Privacy / Analytics
I turn everything off.
Settings / Privacy / Advertising
I turned on Limit Ad Tracking. I also click Reset Advertising Identifier quite often so that my identifier changes, forcing ads to not be targeted (read the About Advertising & Privacy link below it).
Settings / iTunes & App Store
Under Automatic Downloads, I turned off Apps and Updates. This is kind of turning off a security feature as keeping apps up to date is important and creates a much safer device. On the other hand, I keep them updated manually constantly anyway. The main reason I turned these off is, as I have experienced in the past, without reading and researching, I have blindly updated, only to find out the update broke the app.
Settings / Wallet & Apple Pay
This feature is only for iPhone 6/6+ and newer for Apple Pay. I use Apple Pay so all of the information in this section is entered, but I turn off Double-Click Home Button to remove the ability to see information on the lock screen.
Settings / Phone / Sim Pin
I turned this feature on so that if my iPhone is stolen, the information on the SIM card can’t be accessed without a PIN number.
Settings / Messages
Under Message History, there is a setting for Keep Messages. If you are wanting to add some security to your texts (native texts), you can select the amount of time the texts reside on your device. Under Audio Messages, you can select how long before those expire.
Settings / Safari / Passwords
Nothing is enabled.
Settings / Safari / Autofill
Nothing is enabled.
Settings / Safari / Frequently Visited Sites
Settings / Safari / Do Not Track
Settings / Safari / Block Cookies
Set to “Allow from Current Website Only”.
Settings / Safari / Fraudulent Website Warning
Settings / Safari / Check for Apple Pay
This allows websites to check if Apple Pay is set up. This is definitely disabled.
Settings / Safari / Clear History and Website Data
I do this from time to time.
Settings / Safari / Advanced / Website Data
I frequently tap Remove All Website Data for obvious reasons.
Settings / Photos & Camera
Everything is turned off, except Keep Normal Photo.