2019 Cybersecurity Awareness Month: Mobile Security
Would you trust a stranger to watch your laptop? - Human Error on the Street
Apps are part of our lives now. Nowadays, it seems like there really is an app for everything — from games to shopping, fitness, beauty, hobbies, and more. No wonder that almost 50% of all smartphone users download at least one new app a month. Just like with any device or program, though, it’s important to choose and use your apps carefully. Some apps may be scams or contain viruses. There are steps you can take to keep yourself safe.
- Look out for permissions. Any time you install an app, it’ll ask you to allow it permission to access functions of your device — stuff like the camera, text messaging ability and contacts list. But does a fitness app really need to use your camera, or a game need to know who you call? You can click “Deny” to keep an app from getting certain permissions.
- Get your apps from the official sources. Apple App Store and Google Play have standards for what apps they include, and something from the official store is less likely (but not impossible) to cause problems for you.
App Security Fail
Always lock your screen when your phone is not in use. Set your phone to lock after a minute or two of inactivity, and require a passcode to unlock it.
It is important to choose a secure passcode that can't be guessed easily...
Victor's Secret Passcode
...and is kept private.
Be careful when connecting to Wi-Fi networks. Avoid public Wi-Fi networks as much as possible. The allure of free Internet, especially on phones with restrictive data plans, is hard to resist sometimes. One solution would be to connect to a public Wi-Fi, but that comes with risks. Most of the time, these types of networks have poor security, and they can be used to spy on people using the Wi-Fi. If you do connect to public Wi-Fi, be wary of unsecured networks. If you do not have to enter a password to connect to the network, it is not secure. Use a Virtual Private Network (VPN) service whenever possible. Although there are some free VPN services, most of those have limitations; therefore, paid services also are available. Here is an article with more information. If you need to use a public Wi-Fi, chose a trustworthy VPN service. This way, the user’s data is anonymized and secured in a way that makes spying very difficult.
Don't jailbreak your phone. Jailbreaking or rooting your phone is when you unlock your phone and remove the safeguard the manufacturers have put in place so you can access anything you want. It can be tempting to jailbreak your phone so that you can install apps that aren't in the official App Store, but doing so is a big security risk. If you are tempted to jailbreak your phone, there are a few things to keep in mind:
- Installing apps outside of the official App Store is risky. Many of these apps could install spyware or steal information such as banking details from your smartphone.
- Jailbroken phones do not receive security updates.
- Jailbreaking your phone voids the warranty.
- Jailbreaking your phone could "brick" your phone (i.e. it is as useful as a brick.) If that happens, you are on your own, because you voided your warranty.
Prepare in advance for losing your phone. You can use remote tracking if you lose your phone. On Android it is called Find My Device and on iOS it is called Find My iPhone. From here, you can remotely disable your phone if needed. If you absolutely can't find your phone, you can wipe it remotely. With an Apple device, you can do this through Find My iPhone. There are a variety of apps to help you track and/or erase your lost Android phone, or you may be able to wipe it through Android Device Manager. These usually require some setup in advance, so setup everything now.
- Keep all devices up to date. Some people will postpone updating their phone or PC, for various reasons. Many of these updates contain patches for vulnerabilities and exploits, and not applying them leaves devices opened to attacks.
- Bluetooth and NFC (Near-field Communication) on mobile devices seem innocuous enough, and people usually leave them on. To remain safe, turn them off until you really need them. Several vulnerabilities have been found and fixed in the Bluetooth protocol, but other vulnerabilities may remain undiscovered. On the other hand, NFC has quite a few uses, and that includes paying with the phone or smartwatch instead of a credit card. While the protocol and apps are reasonably secure, they are not invulnerable and, in the right conditions, the financial information can be intercepted.
- Last on the list is the location services (GPS) on your phone. While people might be willing to share their location with Google or Apple, the same data is available to other apps as well. Third-party apps have been found to leak the user’s geolocation data. Turn location services off if you’re not using it.
- Wipe all data and settings before disposing of an old device.
You don't have to put your phone under actual lock and key. Just exercise a few mobile security measures and you will be secure.