WIFI Connection
Only connect to WIFI access points that you trust. Avoid connecting to access points without a secure connection. Always look for encrypted WIFI access points, as unencrypted ones are less secure. Secure WIFI access points will require passwords when you connect to them.

Bluetooth
Turn off Bluetooth when not in use. If possible, set it to non-discoverable mode.

Privacy settings
Be on the alert if any mobile application asks for permissions it doesn’t need.

Don’t jail break or root your device
If you jail break your device, it is likely to lose its original security protection, boosting overall risk to the machine.

Always keep your mobile software up to date
Apply updates regularly to your mobile system and application software to avoid security holes and attacks.

Lock screen and pick a secure password or PIN
Always lock the device’s screen using a secure password or PIN (fingerprint or face recognition if supported). This will prevent someone else using your device if you lose it.  If your devices allow, you should also set the limit of unsuccessful unlock attempts (varies in different brands of Android devices).  

Backup / sync to cloud
Regularly backup data on your local computer or cloud.

Enable Encryption
Whenever possible, enable data encryption in your mobile devices.  Apple iOS devices have it enabled by default.  For Android devices, it is a user setting and varies with different brands. 

More Information

• Securing Android Devices - https://support.google.com/android/answer/6215472?hl=en
• Setting Passcode, Fingerprint or Face recognition (links found in the page) in your iOS device - https://support.apple.com/en-hk/HT204060