Ten Steps to Securing Your Android Cell Phone
Smartphones continue to grow in popularity and are now as powerful and functional as many computers. As mobile cybersecurity continues to grow, it is important to protect your smartphone just like you protect your computer. Mobile security tips can help you reduce the risk of exposure to mobile security threats.
Set PINs and passwords. To prevent unauthorized access to your phone, set a password or Personal Identification Number (PIN) on your phone as a first line of defense in case your phone is lost or stolen. Use a different password for each of your important log-ins (email, banking, personal sites, etc.). Configure your phone to automatically lock after five minutes or less when your phone is idle. My personal phone locks in 30 seconds. Use the SIM password capability available on most smartphones.
Leave your smartphone’s security settings alone. Do not alter security settings for convenience. Tampering with your phone’s factory settings or rooting your phone undermines the built-in security features offered by your smartphone. Changing these settings makes it more susceptible to an attack.
Backup and secure your data. You should back up all of the data stored on your phone – including your contacts, documents, and photos. These files can be stored on your computer, on a removal storage card, or in the cloud. This will allow you to conveniently restore the information to your phone should it be lost, stolen, or otherwise erased. (I use: LookOut, GoBackup and SpriteBackup).
Only install apps from trusted sources. Before downloading an app, do some research to ensure the app is legitimate. Checking the legitimacy of an app may include: checking reviews, confirming the legitimacy of the app store, and comparing the app sponsor’s official website with the app store link to confirm consistency. Many apps from untrusted sources contain malware that once installed can steal information, install viruses, and cause harm to your phone’s contents. There are also apps that warn you if any security risks exist on your phone. I only install apps from GooglePlay and Amazon’s App Store. (I use LookOut. It scans apps when they are installed to ensure that they are safe.)
Understand app permissions before accepting them. You should be cautious about granting applications access to personal information on your phone or otherwise letting the application have access to perform functions on your phone. Make sure to also check the privacy settings for each app before installing. One ‘flashlight’ app that we reviewed allowed the app to “Write to the SD card.” An app that turns on and off the phone’s light shouldn’t need access to the SD card.
Install security apps that enable remote location and wiping. An important security feature widely available on smartphones, either by default or as an app, is the ability to remotely locate and erase all of the data stored on your phone, even if the phone’s GPS is off. In the case that you misplace your phone, some applications can activate a loud alarm, even if your phone is on silent. These apps can also help you locate and recover your phone when lost. Visit CTIA for a full list of anti-theft protection apps. (LookOut has these capabilities, but I rely on SeekDroid for anti-theft protection.)
Install software updates. Both for your apps and for your phone operating system. You should keep your phone’s operating system software up-to-date by enabling automatic updates or accepting updates when prompted from your service provider, operating system provider, device manufacturer, or application provider. By keeping your operating system current, you reduce the risk of exposure to cyber threats.
Be smart on open Wi-Fi networks. When you access a Wi-Fi network that is open to the public, your phone can be an easy target for cybercriminals. You should limit your use of public hotspots and instead use protected Wi-Fi from a network operator you trust or mobile wireless connection to reduce your risk of exposure, especially when accessing personal or sensitive information. Always be aware when clicking web links and be particularly cautious if you are asked to enter account or log-in information. (I don’t use public Wi-Fi networks.)
Wipe data on your old phone before you donate, resell or recycle it. Your smartphone contains personal data you want to keep private when you dispose of your old phone. To protect your privacy, completely erase data off your phone and reset the phone to its initial factory settings. Now having wiped your old device, you are free to donate, resell, recycle or otherwise properly dispose of your phone. Remember to wipe out the SD card or simply remove it.
Report a stolen smartphone. Wireless service providers, in coordination with the FCC, have established a stolen phone database. You should report your stolen phone to law enforcement authorities and your wireless provider. This will notify all the major wireless service providers that the phone has been stolen and will allow for remote “bricking” of the phone so that it cannot be activated on any wireless network without your permission.
