When you think of cybersecurity or cyber safety, are you more likely to think of hackers targeting big corporations or governments rather than your own personal vulnerability. The wide open world of cyberspace is something you regularly interact with every time you browse a website, click a link, post on social media and chat online. But your online risk extends beyond those things because you can leave behind a digital footprint without realizing it, or expose your data in ways you didn’t intend to. This article is part of a series of articles that my Plug-in Blog colleagues and I are publishing over the next few weeks offering helpful tips and information about many topics related to cybersecurity. Today I will explore personal smartphone security.
If you consider just how personal your smartphone is, it’s almost scary to think of what might happen were you to lose it or have it stolen—even if you have the security code or fingerprint sensor enabled. There is software readily available for Windows PC and Mac that can extract data from a handset, regardless of whether it’s password-protected or not. For the iPhone, there’s Apple’s Find My iPhone. For Android, there is a combination of Google and other third-party software that helps the cause. BlackBerry and Windows Phone have their own platforms, too. No matter what type of smartphone you have, there are some universal truths that will help you to stay safe:
My Smartphone Safety Tips
1. Just as you would treat your phone well physically, do the same for the data stored on it. Don’t be careless.
2. Always use a passcode or whatever security option you choose to unlock your phone’s screen.
3. Never download system updates, apps or music when connected to public Wi-Fi networks.
4. Consider using a VPN (Virtual Private Network) app to mask your location and make it harder to be tracked or compromised.
5. Set up whatever tracking setup your phone’s operating system offers, like Find My iPhone on iOS or Android Device Manager for Android. There are also good third-party options. These can help you locate, track and even wipe your phone after it’s been lost or stolen.
6. Always make sure to do a backup, and then wipe your phone clean before selling, trading, donating or recycling it.
Keeping data private
I freely admit feeling a little anxious every time I hand off my phone to someone. Not because I have something nefarious or embarrassing on it, but more because everything I have on there is personal—email, documents via cloud apps, photos, messages, contacts and on and on.
Of course, in those instances, I’ve handed the phone to someone I trust and watched them the entire time. I make it a point to have a numerical or pattern lock on any of my phones as a first line of defence. I have used fingerprint sensors, like those used on the iPhone and Samsung Galaxy S6. I’ve also set up a data wipe if there are 10 failed attempts to get through. Surely I wouldn’t get the passcode wrong 10 times, right?
It’s not a full security solution, but as I noted, it’s a frontline defence that can mitigate an initial breach.
Keep your phone updated
Updating your phone’s system software to the latest version of the operating system is a good idea because it sometimes opens up new security options that you can enable, on top of better overall security baked into the update. For example, Android users may notice that security options have expanded over time, where passcodes, pattern locks and passwords have been complemented by fingerprint sensors, face detection and voice activation on certain models.
The iPhone has also seen changes over the years as iOS has matured, with the data wipe option first appearing in iOS 7. Not all of the changes are well publicized, but going into the security section under settings on any smartphone, regardless of operating system, is well worth the time.
Risks of jailbreaking and rooting
By default, the act of “jailbreaking” your iPhone, or “rooting” your Android phone is considered as a breach of the warranty. Bear that in mind if you want to go that route. Tech-savvy users have typically been the ones to open up their phones that way, and the reasons may vary. The point is that it can make your device vulnerable to mobile malware, which is outlined in greater detail here.
One of the draws in jailbreaking is that apps can download and run for free, which sounds highly appealing, except that it doesn’t carry the same weight it used to. Jailbreaking became popular with the original iPhone, where there was no App Store. But now, eight years later, a regular iPhone is perfectly fine. At least that’s the way I look at it.
Logging into unsecured or public networks
It’s easy enough to log on to free Wi-Fi when it’s available. All kinds of businesses and venues offer it, but it’s best to maintain some solid security etiquette when doing so. If you see a network that simply says “Free Wi-Fi”, it’s probably too good to be true, and may even be potentially dangerous. Free Wi-Fi networks offered by merchants always have a distinct name that usually includes their own. Think of Starbucks or that sports bar you love going to.
There are a few things I would never do on a public network. One is logging into any financial website or app, or purchasing something online. Another is downloading anything of significance and size, like a system update or sensitive document. And lastly, I don’t make any settings changes, like setting a new password or downloading app updates. But I would check email, send messages, stream media, browse the Web and play games. For everything else I noted above, I prefer to either do it at home, via LTE/3G or on my own portable Wi-Fi hotspot when travelling.
Utilizing free Wi-Fi is great and convenient, butexercise some caution as far as what you do when connected to it.
Wiping your old phone clean
This is a big one, and I find myself advising friends and acquaintances of it all the time. Whether you’re selling an old phone, giving it away, trading it in or sending it to a recycler, it’s vital that you wipe it clean of your data. This is actually quite easy to do, as every mobile platform has a method to simplify it. Make sure to back up everything first though.
For the iPhone, your iCloud account will back up whatever it is set to, but for a full backup of everything on your phone, including music, video and app settings, plug it into a computer, run iTunes and save a backup onto the computer itself. After that’s done, restore the phone to factory default.
For Android, it’s a similar story, though you won’t need a computer. A Google account backs up a number of things, but not everything. You can use an app like Helium or GCloud to back up or transfer everything over to another Android phone. Once that’s done, go to Settings>Backup & reset>Rest phone to bring it back to factory default.
BlackBerry and Windows Phone have very similar processes. You should find them under their respective settings tabs.
Stay aware to stay safe
Generally speaking, common sense usually prevails if you take sensible steps to keep your smartphone secure. Much of what you may have learned for computers applies here, too. Don’t tap ‘yes’ to something you shouldn’t, and if a strange pop-up appears on your mobile browser, don’t call the number shown, go directly to the phone manufacturer’s customer support or the Plug-In community here.
Malware installs and propagates itself after you’ve done something to open the door. You may not realize that you’ve done it, or even how it happened, but you are likely to avoid being a victim if you don’t make yourself vulnerable in the first place. The suggestions above are a good place to start.
Want to learn more about Cyber Safety? Here are some other recent articles on the Plug-in Blog:
Teach your kids about cyber-safety
It’s nice to see other cell phone companies including deatures that a company like BlackBerry has had for years (eg. device wipe after 10 failed attempts).
I know I push Blackberry a lot here, but that’s because I have a real soft spot for the company and often times there are things that are included with BlackBerry phones or added in updates well before other manufacturers, yet they go largely unnoticed because BB doesn’t have that exposure and market share anymore. Then, when a company like Appli introduces it, it’s revolutionary and innovative, despite having been on BlackBerry for years (eg. device wipe for incorrect password, quick settings on the home screen, etc).
Anyway, back on topic – one of the best security features I have seen on any smartphone is the Picture Password with BB10.
To set it up, you choose your picture, then you choose a number, and then you choose a place on the picture where that number needs to be dragged to.
The nice part with this feature is that when you touch the screen anywhere and drag your finger, the entire grid of numbers moves. You don’t need to touch the chosen number at all, as long as wherever you start dragging from you are able to place your number in the right spot.
The advantage to this is that, provided you’re not always touching your chosen number, it’s almost impossible to crack unless you watch the person do it multiple times and that person always uses the same spot on the screen from which to drag the grid of numbers. Very useful when unlocking your phone on the bus or anywhere that you’re in view of other people.
Don’t worry about accidentally wiping your phone, either. To use the picture password, you must have a normal device password set up. After five failed attempts, you will be asked to type the word “blackberry” and then enter your device password. This is to ensure that you don’t accidentally wipe your device by screwing up multiple times and will also ensure that your kids can’t wipe your phone accidentally because the phone won’t carry on with the password attempts until “blackberry” is entered properly.
Furthermore, if we’re talking security, there has yet to be someone out there who has been able to “jailbreak” or “root” a BlackBerry phone. The OS is secure, from the ground up. That said, the phone is only as secure as you make it. It’s up to you whether you want to have a password, whether you want to encrypt your files and all of that. The security exists in the framework of the OS. The fence is up, but it’s still up to the user to put the lock on the gate.
Comments are closed.