Disconnect your device from the Internet when you aren’t using it and make sure your device isn’t programmed to automatically connect to Wi-Fi. The likelihood that attackers will target you becomes much higher if your device is always connected.

The United States Computer Emergency Readiness Team (US-CERT) recommends locking your device when you are not using it. You might only step away for a few minutes, but that’s enough time for someone to steal or destroy your information. Use strong PINs and passwords to prevent others from accessing your device.

In order to prevent theft, unauthorized access and loss of sensitive information, never leave your mobile devices—including any USB or external storage devices—unattended in a public place. While on travel, if you plan on leaving any devices in your hotel room, be sure those items are appropriately secured.

It’s not as popular as it was in the early 2010s, but jailbreaking (or rooting) a mobile device is still a risky practice. It removes many built-in protections and allows the installation of unapproved applications. Stick with the standard OS and keep it updated.

What if you left your phone behind in a public place? Without a passcode on the lock screen, its contents would be fully accessible to anyone who had it. Configure a passcode, along with other even more secure options such as a fingerprint or facial recognition scan, if available on your device.

Thinking of connecting to a public Wi-Fi network? Here’s what you need to know first.