When asked what the number one contributor to smartphone security is, I’m frequently met with scowls and looks of disapproval. People ask “which smartphone is safer for me to use?” The real answer to that question is simple. Your smartphone is as secure as you allow it to be.
Understand that there are certain aspects of phones that offer more opportunities for criminals to infiltrate your phone. I’ll be touching on a few of those here, but first we need to talk about problems users create. Naturally, we won’t be blaming anyone; if someone doesn’t know the right way to do something, they won’t know until they’re told or learn the hard way.
That being said, smartphone security can go wrong right from the get go.
The Dreaded Data Plan Dance
One of the first things smartphone users recognize is their bill. As they use their phones and start doing things online, they quickly begin to see the effect it has on their data. Then they see what kind of fees they end up paying for if they go over their limit.
The solution is usually to connect to a WiFi network and avoid using data as much as possible. In some cases that’s the perfect strategy, but not when the WiFi network is open to anyone. Unsecured WiFi (usually in the form of public networks) carries significant risks to your device.
By default, smartphones don’t usually come with any way to deal with the inherent risks of open networks. In that way, all smartphones are vulnerable. Yet this problem is easy to fix. Using a Virtual Private Network (VPN) to go online lets you avoid the risks of public WiFi.
A VPN service such as ExpressVPN, BufferedVPN or IPVanish (and that’s just to name a few) encrypts your internet traffic, makes your device anonymous and prevents hackers from intercepting your data. It’s essentially the only guaranteed safe way to use public WiFi. If you can’t swing a VPN, you’re better off sticking to protected networks.
“There’s an App For That” Syndrome
Whether you’re using your first smartphone or you’re upgrading to a new one, one of the first things most users will do is seek out apps to improve their mobile experience. Apps can do a lot of things. They can give you directions, play music and sounds, and even replace household tools such as the humble bubble level.
They can also endanger your device and steal your personal information. Apps require certain permissions to run; it makes sense that an app that sends messages would have access to your address book. It doesn’t necessarily make sense for your flashlight app to have that same access.
When users install apps haphazardly, they may end up giving away their personal information without realizing it. Worse yet, some apps come from official sources such as the Google Play Store but haven’t been properly vetted for safety. Android users beware, as this is not really an Apple App Store problem because they do vet apps before allowing them to be downloaded.
The worst offenders are apps that come from outside these app stores as there is no control over what you install from outside these environments. There are legitimate apps from outside the app stores, but they should be approached with abundant caution.
Be smart about what apps you download and make sure you have a security app on your device installed to scan new downloads to make sure they’re safe. You can get one for free on smartphones, so there’s no reason not to have one.
Convenience Is Also King for Criminals
Accessing your phone and accounts requires a certain amount of extra effort if you’re protecting both things right. Turning the screen on means putting in a quick lock screen password and using your accounts means logging in. Yet some would rather have these services always be accessible immediately.
Convenience comes at a cost. Without a lock screen password, anyone can access your device and everything else on it. When that gets combined with accounts that are always logged in or have their passwords saved for easier login, it spells trouble.
There are two areas of risk from this behavior. The first is when the phone gets physically taken while the second is when the phone is hacked or infected. In the first case, thieves can steal the device and remove anything from it if they desire. They can sabotage accounts or access private information with scarcely any effort.
The second case involves someone more technically savvy. Hackers can access saved data on an unsecured phone and use it elsewhere. That means saved account information and passwords can be taken and used without you even knowing! Only later when money is missing or your identity has been stolen will it become obvious.
For those reasons, you should always use passwords on your phone, and you shouldn’t leave things logged in if you aren’t actively using them. That means Facebook accounts, bank accounts or anything else that might involve your personal data. Avoid saving your passwords and make sure they’re different for each service.
The Eternally Out of Date
This may be the security mishap that more people are guilty of than anything else. On a smartphone, almost everything is updated sooner or later. Unless your phone is ancient, chances are there will be updates at some point.
Yet updates change things. They make things different and sometimes we lose features that we regularly use. As a result, many users choose to forgo updates for fear of losing what already works. I can really respect that and am sometimes guilty of the same thing.
Unfortunately, updates exist not just to bring new features but to correct security exploits that criminals have discovered. Without these updates, your device becomes vulnerable to the latest hack and could become a risk by neglect alone.
Even though it can be a painful process, you should always try to keep your phone updated. At a certain point, your phone may reach its limit for updates and the manufacturer may no longer support new software for it. At that point, it’s time to get a new one. The cost of a data breach is very likely considerably more than the cost of a new device.
There was one last thing: most device vulnerabilities are related to decisions the user makes, but that’s not always the case. Some phones come installed with “bloatware,” which is basically software that cannot be removed by the user without “rooting” or “jailbreaking” the phone to get admin privileges.
The phones with the least bloatware are going to be iPhones and Google’s Nexus line of phones. However, even those phones might ship with extra stuff installed if the network providing the phone wills it. Ever wonder why contract phones are so cheap? It’s not just because of the contract; all that bloatware helps pay for the phone.
That about does it for the basics of smartphone security. Feel like we missed something? If so, leave us a comment below.