Smartphones aren’t getting any cheaper; at the same time, your data is becoming increasingly valuable to cybercriminals looking to make a quick buck. An unsecured device can be a treasure trove of information ripe for theft, and as we’ve learned in the past year, even iPhones aren’t exempt from malware and hacks.
Fortunately there are a few things you can do to make your smartphone considerably more secure. Most of what you can do is relatively similar between different operating systems, but there are a few differences, the most notable likely being how much more secure the App Store is relative to the Play Store.
Note that while the following tips are broadly applicable, much older devices may at times be limited by version incompatibility and by outdated operating systems that are still vulnerable to security exploits.
Using a Virtual Private Network
During a recent trip to the café, I spoke with a couple of older folks who were on a Skype call with their iPads. While they marveled at the technological leaps that had been made in their lifetimes, they expressed concern over how vulnerable technology can make us. In particular, we were talking about WiFi and how a large number of hacks actually occur because people just like them connect to an unsecured public network and become victims.
What they didn’t know at the time was that there’s actually a really simple way to use public WiFi safely. Using a Virtual Private Network (VPN) actually protects your connection by encrypting everything you do. In essence, a VPN routes your connection through a safe pathway that keeps hackers out.
Because of their widespread availability and relatively low costs, I always recommend users subscribe to a VPN if their device has anything sensitive. Even Apple products, which are renowned for their security, benefit tremendously. Here’s a list of the best 3 VPNs available for iPhones and iPads currently (they work for Android and Windows as well).
Obtaining Safe Apps
One thing to really pay attention to is the source of your apps. While most of us will simply get them from our device OS’s main store (the App Store, the Play Store, the Windows Store, etc.), sometimes it can be tempting to download apps from a third party. That’s because third-party apps don’t always come with the same restrictions as those from the stores, such as ads or premium features.
Unfortunately, some of these apps steal your data or infect your phone with malware. In fact, apps are one of the easiest ways to steal your device’s data simply because on mobile operating systems (especially Android), malware is much more difficult for anti-virus apps to handle once it gets going.
You can use an anti-virus app such as Avast to scan downloaded apps for malware, but once an app starts, there’s not much your anti-virus can do to stop it. Prevention is the best way to handle mobile malware, and the safest bet is to get apps only from first-party stores.Note that while Amazon is technically a third party, their apps are just as safe as the others and can be installed on a variety of devices.
Keeping your device updated can be tricky; most updates require you to put your device down entirely and let it do its thing for up to an hour. Worse still, older devices may be left out of the loop and not updated at all.
Limited data plans are another thorn in the side of staying updated, as constantly downloading app updates can really drain your plan quickly. That being said, updating your operating system and apps frequently is one of the best ways to stop hackers from using exploits to access your device.
Updates frequently contain fixes for said exploits, and the longer you wait to update, the more you risk becoming a victim. If nothing else, don’t feel bad about having to buy yourself a new device because yours becomes out of date. Think of it as an investment in protecting your privacy.
Backing It Up
Suppose something does happen to your smartphone. Now what? Assuming your device isn’t totally ruined, most of us are going to perform a factory reset to get things working again. But without a backup, all you’ve got is a functional device with none of your personal data left on it.
Using a backup service for your device, whether it’s manual or automatic, can save you major headaches. Part of that is because you might not even know what is missing if something disappears from your device; we store so many things on our smartphones now that it’s nearly impossible to keep track.
Default backups such as iCloud or Samsung Backup are good for select data, but premium services such as Titanium Backup do a much more complete job of saving your information. They also use encryption, which keeps your backed up information from being stolen and used by cybercriminals.
Creating Secure Logins
If you’ve ever seen a hoarder house, you know that having too many things is never good. But what about having too many online accounts? As it turns out, the average user has well over 20 distinct logins at any given time. By some accounts, that number climbs closer to 90.
Like physical hoarders, we tend to get lazy as there are more logins and passwords to remember. We use the same password over and over to make things easier on ourselves. Smartphones are the worst culprits because many apps leave us with the option to stay logged in.
The two create the perfect storm for hackers to harvest data. To combat this, two steps are needed: first, not all accounts allow you to create a username (some are simply your email address), but they do let you use a unique password.
Using an app such as LastPass will help you navigate this problem because you can still create long, unique passwords (that’s usually more than seven characters, uppercase and lowercase letters, with numbers and symbols as allowed) but without the trouble of remembering them all. You’ll instead use a master password that can be extra difficult. All your stored passwords are encrypted, so not even LastPass has access to them.
The second step you should take is going through your accounts and apps and deciding which ones are okay not to be logged in at all times—the fewer the better.All it takes is someone to pick up your device while it’s unlocked, and he or she is immediately able to access any accounts that are already logged in.
Final Thoughts: Encryption
Throughout the above tips, you may have noticed a constant theme with encryption. For those of you who don’t know, encryption is basically a scrambling of information that can only be unlocked with the right key.
Encrypted data can and is stolen regularly—it just can’t be accessed, at least not within a reasonable amount of time (some encryptions can take nine to 100 years to crack). So you should feel reasonably safe about any data that is encrypted.
Have some ideas of your own? Post them in the comment section!
Also published on Medium.