This means that it is just as vulnerable to security threats as any other computing device. If you use your phone for work as part of a BYOD programme then it’s attractive to hackers as a potential backdoor route into your employer’s network.
But while most of us are now quite fastidious about keeping up to date security software on our laptops and desktops, we are less inclined to do so on our mobile devices. What then are the best ways to protect your smartphone and keep it and your data safe?
As with any computer or another device that is connected to the internet, the most common weak spots are found in old or unpatched versions of software. These can be exploited by hackers to gain access to the system. While updating your system regularly can be a bit of a pain, doing so is a good way of ensuring you stay safe. The best thing to do is to allow your phone to update overnight.
The same goes for apps. Developers are constantly releasing patches and whilst many of these are to address functionality issues, they commonly address security flaws as well. Make sure your phone’s settings are set to update all apps whenever you’re on wifi. That way you don’t have to do it manually.
You should be careful which apps you install too. While the process isn’t foolproof, apps on official stores such as Google Play undergo a vetting process to make sure they are safe. Installing apps from third-party sites introduces a much greater element of risk, however. Whenever you install an app you should always check the permissions too. If you are not comfortable with what you are giving it access to - contact detail or the camera for example - then you shouldn’t install it.
While we’re on the subject of apps, it’s a good idea to review what is installed on your phone from time to time and get rid of any apps you don’t use anymore. An old app that you haven’t updated for a long time could be offering a point of entry for hackers.
Installing a good security tool is also a good idea (you probably have one on your PC or laptop, so why not your smartphone). These will usually alert you when you install an app that is recognised as suspicious, they will also alert you to risky activity from any existing apps that may indicate they have been compromised.
It’s important to take the physical security of your phone seriously. If you lose or misplace your phone, someone could use it for all kinds of nefarious purposes. Make sure you set a six-digit PIN to unlock the device or use the fingerprint reader if your device has one.
You should be cautious about using ‘smart’ unlocking features that automatically unlock the phone if it’s in a particular place or near to another device - like a smartwatch - these could allow someone else to access the device.
Even if your device is safely locked, it’s a good idea to review which apps you allow to display applications on your lock screen. These could inadvertently give away important information to a thief or hacker - by revealing your work email, for example. On iPhones, it’s worth disabling Siri access from the lock screen too. There have been cases of hackers using Siri to unlock the device.
If you use your phone for business, it’s a good idea for you, or your employer, to install some kind of remote device management feature. This allows the data on the device to be wiped remotely should it be lost or stolen, reducing the risk of a data breach. Similar services are also available to consumers for both Android and Apple devices.
You should also be wary of using automatic logins; if you do then all a thief needs to do is open your browser to have access to your email, Amazon account, and more. There is a bit of a dilemma here because of course we are all being encouraged to use complex - and difficult to remember - passwords. If you need to save your logins, you should install a password manager app that requires a master password (chosen so that you can remember it) to login to other services.
One of the biggest risks to smartphone users comes from using open, public Wi-Fi networks. These are often found in coffee shops, railway stations, airports, hotels and so on. Using an unprotected public network puts the transmission of your data at risk. If you must use one, try not to sign in to any sites that require a password as this could be intercepted by a hacker.
To protect yourself, you can also install VPN software - this encrypts your traffic to and from the internet, keeping it safe from snooping. Here are two handy software lists for both Android VPN and IoS VPN apps.