Settings may vary slightly depending on the model of iPhone, iPad or iPod iOS 8.4.1 is installed on.
Settings / Wi-Fi
If you connect often to public networks, it’s a good idea to remove those from your Wi-Fi list. You can do this by tapping the “i” icon next to the network you connected to. On the next screen, tap “Forget This Network” and then “Forget” when the pop up displays. This will keep your list clean and will reduce any chance one public Wi-Fi access point shares the same name, as hackers can spoof popular Wi-Fi names, thereby potentially allowing for your device to connect to them when you don’t know it.
Settings / VPN
If you are on public WiFi and / or are performing some sensitive interactions on your device, getting a VPN service installed on the device is a best practice.
Settings / Control Center
Turn off Access on Lock Screen because there continues to be various hacks that utilize this feature to be able to access many things on an iOS device without needing a password to get into the device.
Settings / General / About / Trust Store
There isn’t anything that you can do here, but you will see a very long number which according to the link below the number, this number is used for establishing trusted root certificates that is used by other certificates signed by the trusted roots. Confusing huh?
Settings / General / Siri
I turn Siri off as it is another security issue, due to Apple retaining voice commands for around two years. Apple claims the data is anonymized, but who knows.
Settings / General / Spotlight Search
There is controversy on this setting. I turned off Spotlight Suggestions and Bing Web Results. Here is Apple’s technical answer on this feature: to make suggestions more relevant to users, Spotlight Suggestions includes user context and search feedback with search query requests sent to Apple. Context sent with search requests provides Apple with: i) the device’s approximate location; ii) the device type (e.g., iPhone, iPad, or iPod); iii) the client app, which is either Spotlight or Safari; iv) the device’s default language and region settings; v) the three most recently used apps on the device; and vi) an anonymous session ID. All communication with the server is encrypted via HTTPS.
Settings / General / Handoff & Suggested Apps
I turn this off as it requires an iCloud account to be active to use it. A really cool feature, but due to the insecurity of iCloud, I don’t trust it.
Settings / General / Auto Lock
This is self-explanatory, but this should not be set to Never.
Settings / General / Reset
Use this when it is time to give / sell your iOS device to someone else. It is the most secure way by default to protect your data.
Settings / Touch ID & Passcode
This should be self explanatory by having it on. On an iPhone 6 / 6+, use Touch ID for iPhone Unlock, Apple Pay, iTunes & App Store. For fingerprints, I recommend only one because more than one makes it that much easier for someone to get into your device. I require passcode immediately. I turned OFF simple passcode, so my iPhone requires a keyboard type password when fingerprints don’t work or are asked for. I turned off Voice Dial. I turned off Siri as Siri can allow some limited functions that could ultimately allow a malicious person to gain access to your device. You will not see this option if you turn off Siri in General settings. I turned off Passbook to be allowed access when locked. Finally, I turned on Erase Data so that after 10 failed passcode attempts, all my data is erased.
Settings / Privacy / Location Services
The first one I turn off is the Camera app and Photos app as I don’t want geotagging capabilities attached to any pictures I take. I have touched upon that security issue once before. Another security issue I have touched upon is Siri & Dictation, so I turned this off.
Settings / Privacy / Location Services / Share My Location
I don’t think I need to explain why this should be turned off, but this feature allows you to share your location with family and friends in Messages and Find My Friends.
Settings / Privacy / Location Services / System Services
I turn off Location-Based Alerts, Location-Based iAds, Share My Location, Spotlight Suggestions, Diagnostics & Usage, Popular Near Me.
Settings / Privacy / Location Services / System Services / Frequent Locations
I turn this feature off.
Settings / Privacy / Microphone
This feature is turned off because I don’t need to use voice searching, but more importantly, I don’t need my voice added to Siri’s servers.
Settings / Privacy / Diagnostics & Usage
I turn this feature off.
Settings / Privacy / Advertising
I turned on Limit Ad Tracking. I also click Reset Advertising Identifier quite often so that my identifier changes, forcing ads to not be targeted (read the About Advertising & Privacy link below it).
Settings / iCloud
I turn EVERYTHING off here, except Find my iPhone. The reason it is important to keep this one feature is because Activation Lock is built into Find My iPhone using iCloud. What this means is, if your iPhone is lost or stolen, no matter if the phone is reset, wiped, jalibroken, whatever, that phone can’t be used for anything unless it is accessed with the iTunes username and password it was set up with. A terrific feature to potentially deter some theft, although this has been easily bypassed by a group called doulci. If you do not have Find My iPhone turned on, then this feature disappears and acts like the previous iOS firmware – you can wipe the device and use it as if you bought it yourself. Next, pay special attention to Keychain – turn it off. It is a feature that allows passwords and credit cards to be store in iCloud so they can sync across all your devices. It is stated that, “Your information is encrypted and cannot be read by Apple”.
Settings / iCloud / Share My Location
I definitely turn this off. This is a bad idea to use in my opinion. If you use Find My Friends, your friends will actually be able to see where you are on a map. Need I say more? Besides, that’s creepy.
Settings / iTunes & App Store
Under Automatic Downloads, I turned off Apps and Updates. This is kind of turning off a security feature as keeping apps up to date is important and creates a much safer device. On the other hand, I keep them updated manually constantly anyway. The main reason I turned these off is, as I have experienced in the past, without reading and researching, I have blindly updated, only to find out the update broke the app. I also turned off My Apps and App Store under Suggested Apps as these use your current location.
Settings / Passbook & Apple Pay
this feature is only for iPhone 6/6+ and above for Apple Pay. I use Apple pay so all of the information in this section is entered. In my opinion, Apple Pay is WAY more secure than using a traditional credit card.
Settings / Phone / Sim Pin
I turned this feature on so that if my iPhone is stolen, the contact information on the SIM card can’t be accessed without a PIN number. Be aware that if you have this featured enabled and you fly often, when turning on Airplane Mode, you can run into some trouble getting cell service back on when you turn Airplane Mode off because of some kind of bug that doesn’t allow for the SIM pin box to appear to allow you to input it. It is a hassle, but doesn’t always happen.
Settings / Messages
Under Message History, there is a setting for Keep Messages. If you are wanting to add some security to your texts (native texts), you can select the amount of time the texts reside on your device. Under Audio Messages, you can select how long before those expire. Under Video messages, you can select how long before those expire.
Settings / Safari / Passwords and Autofill
Everything is disabled.
Settings / Safari
Spotlight Suggestions is turned off. Passwords & AutoFill is turned off. Block Pop-ups is turned on. Do Not Track is turned on. Block Cookies is set to “Allow from Current Website Only”. Fraudulent Website Warning is tuned on.
Settings / Safari / Advanced / Website Data
Scroll to the bottom and you will see where you can remove all website data. I do this from time to time.
Settings / Photos & Camera
Everything is turned off, except Keep Normal Photo.