By Admin - September 19, 2017 11:27 pm 0 608 0
Use a password to protect access to your mobile devices, especially if they are frequently carried outside the house. It’s also a good idea to have a tracking service that enables the device to be wiped remotely because once the bad guys have the hardware, it’s very hard to keep them out.
Obviously, you should have backups of all the personal data on your devices, including photos and emails. Backup and delete anything you don’t really need on your tablet or smartphone.
People tend to back everything up to online services (“the cloud”), sometimes without knowing it. However, you may be able to do it by plugging the device into a PC (where it should appear as an external hard drive), plugging an SD card into a PC, connecting the device to your home network, or using a program such as Sand Studio’s AirDroid. Any data in the cloud is outside your direct control, and – unless it’s encrypted – vulnerable.
Applying a password to your phone’s lock screen is a start, but particularly nefarious and skilled criminals may still be able to access your files, given enough time and access to say a stolen smartphone. Device encryption can be used put all of your files into a format that cannot be understood without first decrypting them with the proper key or a password that only you will know.
Encryption is a really tough form of security, hence why the FBI doing battle with Silicon Valley companies in an attempt to bypass it. However, it comes with a bit of a performance penalty on some older smartphones, although newer devices shouldn’t notice any issues.
Much like the lock screen, encryption options can be found under the Settings -> Security menu, where you will find options to protect both the data on your smartphone and microSD card if your device has a slot. Encryption can take a little while, so best to start up the process with a full battery and plenty of time to spare. For more information and a walkthrough of the steps, check out our encryption guide below.
Beware of Wi-Fi
Cellular data is a finite and expensive resource based on erecting tens of thousands of phone masts and (usually) charging users over £100 per year. It’s therefore very tempting to use free Wi-Fi whenever it’s available. This is fine when the Wi-Fi service is trustworthy – eg your own – but you can’t trust public hotspots. As for your workplace, it may have trustworthy Wi-Fi, but it may also be monitoring network traffic.
As with laptops, one solution is to use a VPN (virtual private network) that encrypts all your data to protect it from Wi-Fi snoopers. Android has a VPN client built in: see “VPN settings” on the wireless and networks page. Otherwise, try to use secure web addresses – ones that start with https:// etc.
Some phones may connect automatically to any handy Wi-Fi network, and if so, make sure this feature is turned off. Alas, even if you’re not connecting to random Wi-Fi networks, they may still be tracking you. This includes retailers who track your movements through their stores. Some people have even been tracked by London rubbish bins.
If you can do without Wi-Fi and Bluetooth when away from home, turn them off. If you must do mobile banking from a phone without a VPN connection, use your cell phone connection instead.
Use the lock screen
It seems almost nonsensical in this day and age to not have a basic password on your lock screen, even if it is a basic one. One of the first things wed suggest is to navigate into your devices security settings and enable a pass lock.
There are obvious benefits to having even a basic lock, but whilst face lock of Android might seem fun it isnt the most secure system out there, with many Google devices rating the effectiveness of each security system so you can make an informed choice.
Pattern unlocks and pins are some of the most secure but if you can handle the hassle wed always suggest a full alphanumeric password. Also, ensure that any boxes that say "make passwords visible" are also unticked.
If you want to take it one step further than wed also recommend changing your passcode regularly in case someone spots what youve typed in over your shoulder.
Find my device
While we are dealing with taking precautions against stolen smartphones, all Android users should take a little bit of time to check out Google’s Find My Phone feature. Previously known as Android Device Manager, this service is linked up with your Google account and can be used to manage all of your Android devices remotely, providing that they are connected to the web.
Find My Device can be logged into through any web browser via this link. From here you will be presented with a list of your devices, with options to track their location, make them ring in case your phone has stuffed itself down your couch, or to “enable lock and erase”. By enabling this last feature you will be able to remotely lock your smartphone or tablet, and even completely erase all of the data on the device if it’s stolen.
You can also find these same settings directly on your device. Head on into “Google Settings” and tap Security. Under Find My Device you can review and edit options for remote locking and erasing.
Update your software
Whether you are running iOS, Android or Windows Phone we will always advise you to grab the latest version of the OS available. This can be a little difficult with Android updates often taking a little while to go through the manufacturer and network testing but is well worth it.
Part of the reason we suggest grabbing the latest OS is because it comes with all the added bonuses whether its the Control Center of iOS7 or the clear bars on Android KitKat, but also because a lot of security loopholes will have been closed.
These updates dont just pop up in major iterations either; Apple is currently pushing out iOS 7.0.6 in order to close a problem associated with using Apple devices on an unsecured network.
Most manufacturers allow you to set your phone to check for updates automatically, so always make sure this box is ticked.
Picking tougher passwords
Along with just plain out not using a lock screen, weak or commonly used passwords are the biggest no-no if you’re looking to keep your data secure, both on device and online. Lists of the most commonly used passwords are published rather frequently and if your password of choice appears on that list, you should really change it. Disappointingly, the most common passwords rarely change, so here are some to definitely steer clear of:
As a general rule, a mix of cases, numbers, and special characters (where allowed) makes for the most secure password, and the longer the better too. 8 characters is really the bare minimum recommended, but moving up to 12 or 16 makes them so much harder to guess.
A strong password is a good start, but using multiple passwords is even better. You’ve no doubt heard about sites being hacked and passwords exposed, so it’s not very safe these days to rely on the same code for all of your accounts, apps, and websites. Of course, keeping track of all these different passwords can be a nightmare, but there are a number of apps out there that can help manage them all and can even generate very strong random passwords.
Android apps like LastPass, mSecure, oneSafe, and Keepass2Android each offer up their own selection of unique features for additional security. These include secure password storage options, two-factor authentication, and multi-device support, among others.
Unlike wireless networking, Bluetooth isn’t seen as a potentially risky venture for most mobile users, and the relatively short-range (around 10m) at which it is accessible does mean that it’s inherently safer. Attacks do still happen, however, and it’s important to be aware of the pitfalls of leaving this technology switched on when not in use. Hackers have found ways to remotely access a phone (provided they are within range) and use it to make calls, access data, listen in on conversations and browse the internet.
To prevent this from happening it’s a good idea to set default Bluetooth configuration to “non-discoverable” mode by default. This means that users around you who are searching for potential targets won’t see your device pop up on their list.
It goes without saying that any unknown requests that come through via a Bluetooth connection, such as a request to “pair” with a device or respond to a message from an unknown source should be ignored or declined. Bear in mind that the restrictive range of Bluetooth means that other users or devices must be within this radius in order to connect to your device, and as such busy places such as coffee shops, bars, trains, and buses have traditionally been opportunist environments for the Bluetooth hacker.
Disable apps from untrusted sources and dont root or jailbreak
Whilst it can often be a nice idea to download and install apps that arent found on the App Store or Google Play Store, these apps tend to be the ones that are less secure. Google, Apple, and Microsoft, as well as the likes of BlackBerry, keep tabs on the apps that are on their app portals.
This means apps that contain malicious code are likely to have been removed before you install them.
Rooting your Android phone or jailbreaking your iPhone can also prove really dangerous, especially if you dont know what youre doing. This is because it breaks down your OS and provides you access to the basic code within and if you can get access, malicious code has a much easier route to making changes too.
If youre more familiar with the world of rooting and jailbreaking then youll have taken measures to ensure the security of your device - so make sure youre certain you know what you want when altering your handset.
Backup your data
Discovering that a phone has been lost or stolen is bad enough, but even when discounting the potential damage that could be done by sensitive data getting into the wrong hands, important documents, contacts, messages, appointments and other information could take a long time to replace. Ensuring that regular backups are made is therefore essential, and there are a number of ways to go about it. Most modern phones now allow users to “synchronize” information with a computer or website for productivity or backup purposes. This can include e-mails and contacts with Microsoft Outlook, photos uploaded to online storage or proprietary software supplied by the phone manufacturer to simply backup key data in the event of the loss.
Some modern security suites designed for use on mobile devices also offer an automatic backup facility to take the hassle out of doing this manually. There is also a range of services that allow you to automatically backup specific data to an online resource, taking the hassle out of having to connect a phone to a computer. Provided you have a sufficiently healthy data plan or are connected to a wireless network, this is an excellent way to safeguard against loss.