It’s nearly that time of the year again when we spring forward, reset our clocks and lose an hour of sleep. But if you’re like most people, you won’t need to reset your clock because your smartphone IS your clock, your alarm, your calendar…and much more for that matter.
It’s easy to forget your smartphone is much more than a phone – it’s your personal assistant – a mobile computer that contains private data like emails, location history and even credit card information. And like all computers, your smartphone is susceptible to these security threats and many more:
- Malware can hijack credit card data off your phone.
- Fake apps install ransomware that encrypts your data and demands a ransom to regain access to your phone.
- Free apps (even those found in official app stores) send personal and even corporate data to a remote server where that data is mined by advertisers and even cybercriminals.
With so much at stake, there is no better time than now to spring into action and protect your sensitive data by following the 3 do’s and don’ts of smartphone security:
3 Security Don’ts
- DON’T blindly install security apps
Not all smartphone security apps will protect you. While most antivirus apps do what they say, they don’t all equally work well.
In 2014, a new antivirus app called Virus Shield popped up, quickly rising to the top of the paid apps list at a price of $4. After 10,000 users downloaded the app, they eventually realized the app didn’t do anything at all and it was quickly taken down.
Moral of the story? Do your research before installing a security app. If you use your smartphone for work, check with your employer – if they have a mobile device management solution in place, your smartphone might already be secured. However, be sure to confirm this with your employer – never make assumptions when it comes to security.
- DON’T connect to unsecured Wi-Fi
Connecting to unsecured Wi-Fi hotspots always presents a security risk.
Similar to walkie-talkies, these Wi-Fi networks provide public airwaves that anyone can tune into.
Hackers can see emails, passwords, unencrypted text messages and even unsecured logins to popular websites.
Many sites give you the option of encrypting your entire login session, but by default, they’ll encrypt your login and return you to an unsecured session, leaving you vulnerable to hijacking. When in doubt, confirm the URL address starts with https instead of http.
- DON’T give out personal information via text
While everyone has received email spam at some point in time, text message spam might be new to you. Be wary of any text message from an unknown sender, especially if the message appears to be from your financial institution. Replying to unknown senders can peak cyber criminal’s interest and confirm there’s a real person behind your number, so be sure not to reply, even if you just want to tell them to stop messaging you.
3 Security Do’s
- DO use a pin, password or pattern to lock your phone:
The mobile nature of a smartphone in and of itself presents a security risk. If you don’t use a pin, password or pattern to lock your phone, you’re just asking for trouble.
You might think a swipe pattern is secure, but your glossy phone cover might reveal your finger trail pattern. The best lock option, in terms of security, is a strong password that uses numbers and letters.
TIP: Be sure this isn’t the same password you use for other accounts online – make your smartphone password unique. Also, it pays dividends to install a find my phone app so that if you did ever lose your smartphone, you could track it down and retrieve it.
- DO download apps only from trusted stores
When you download new apps to your smartphone, only do so from trusted app stores – never from third party websites. When Pokémon GO was first released, it was only available in select countries and cyber criminals jumped at the opportunity to create mirrored websites with fake versions of the app that contained malware and caused harm to users’ smartphones. In just 4 days, they exploited this demand and assembled a repackaged download of Pokémon GO, complete with embedded malware.
But this doesn’t mean you should blindly trust ALL apps, just because they’re available in app stores like Android’s Google Play or Apple’s App Store. Be sure to check the app’s most recent reviews and ratings, along with their privacy settings so you know exactly what features of your phone the app will have access to.
- DO turn off Wi-Fi and Bluetooth when not in use
It’s a wise decision to turn off Wi-Fi and Bluetooth when you don’t need them. Leaving Bluetooth on at all times and automatically connecting to Wi-Fi networks allows cyber criminals to connect to your device and access files if you connect to unencrypted access points.
Cool Features Present Big Risks
With the ever-expanding capabilities of smartphones, security is now a complex, multilayered process. Fortunately, there are a wide range of ways to backup, remote wipe your data and keep track of your phone in the event it is lost or stolen. Keep these best practices in mind to ensure your smartphone and sensitive data stays safe now and long into the future.