Tech Talk Logo

Top 6 Tips to Secure Your Mobile Device

There is a lot of information going around nowadays about internet security. For some people, it is a big deal that their information remains private, and others don’t concern themselves with it much. Today, more and more people are almost exclusively using mobile devices to access the internet, so it is more important than ever that you know your options to protect yourself and your information.

For whatever level of privacy you are concerned about, there are steps that can be taken to protect your information and your data. Here are the six biggest steps to take to ensure privacy of your mobile devices.

1. Software Updates.

There is a tradeoff when it comes to software updates. Older phones tend to get a little slower after an update because updates include additional overhead and features meant for phones with more powerful hardware, and the people creating the updates aren't usually as concerned about the lower amount of memory and slower speed of older devices. Because of this, you can keep your phone running quite fast if you never update your software, but this comes with huge security risks. If you are concerned about security, you are going to have to weigh the options of possibly slowing down your device, or keeping it secure, since the updates almost always have security patches.

I recommend installing all of the updates, and forgetting about the possible speed hit, since not only are the speed hits almost unnoticeable, but sometimes, like with the most recent Android system update for my Samsung device, there is actually a huge performance increase. The security risk for not installing updates is too great to just ignore for some small performance benefit.

2. Antivirus software.

Your phone is susceptible to viruses. It doesn't matter if it is an Apple, Samsung, LG, or HTC, there are viruses that are out in the wild that can infect every phone. Usually, these viruses aren't like they were in the old days. Back before the internet was a major thing, and for some time into the internet era, viruses mainly intended to just destroy data and programs. Today, viruses generally tend to try and steal clock cycles and internet bandwidth. Once they are installed, they will run in the background, sending and receiving files, emails, attacking servers, or running code to make the attacker money. These things all rob your device of speed. In order to combat these, you need to make sure you are running anti-virus software. Usually, anti-virus is pre-installed for free by your carrier, but you may want to look into different options. Many antivirus programs add additional features that are helpful too, such as "Find my phone", which allows you to locate the last place your phone reported its location, and "Phone wipe", which will allow you to wipe the data on your phone remotely to keep anyone from being able to access the data. Whatever you do, run something to protect yourself.

3. Add a security code.

There are several ways of securing your phone so that nobody can use it but you, but some ways are better than others. The most secure method, at the moment, seems to simply have a pin code. There are other ways to verify you are who you say you are, but they aren't quite as secure. For instance, pattern codes might be quicker to enter, but they are easier to guess than pin numbers, especially on older phones. No matter how good the glass on your phone, repeatedly touching the screen in a specific area, such as swiping a pattern, will cause scratches. By looking at the scratches, it is possible to reduce the number of codes necessary to try to guess your pattern. A fingerprint, while seemingly great, can be stolen from you by force. For instance, a court can't require you to give up a pin number, and won’t grant a warrant to force you to give it up, but they can require you to give your fingerprint in order to open your phone, and if you don't do it voluntarily, they can physically force you to provide it. An attacker can physically force you to give a finger swipe as well. Facial recognition is even worse because all they have to do is put the phone in front of your face to open it up. So, the most secure method of locking your phone is still the simple pin number.

Some people hate the idea of entering a code every time they open their phone though. For these people there are options. You can change your security settings to assume that certain places are safe zones, such as your home, and you will only be required to enter the code once when you first use your device in those areas. You can also link your phone with devices such as Bluetooth headphones, or smartwatches, which ensures that as long as your device is linked with those devices, you won’t have to enter a code. These things are a trade-off between security and convenience, and you will need to decide how much security you are willing to give up for the convenience of not having to enter a code.

4. Encrypt your files.

Newer phones will often automatically encrypt your data on the storage medium, but on other phones, it is an option you have to choose. If your phone doesn't automatically encrypt your data, you should choose the option to encrypt it. Depending on the phone, this can add the requirement that you enter a pin before the phone can boot up all the way, but that only happens when you turn it on. It just remains unencrypted while it remains on. To encrypt it again, shut it off. At one time, this kind of thing would have had a big performance hit, but on today’s devices, you won’t notice any slow down due to having your files encrypted.

One thing to keep in mind about encrypting files is the ability to recover files in case of the failure of your device. For instance, I can do what’s called a “chip off recovery” on older phones that don’t encrypt the data. That is where I remove the chip from the phone and insert it into a device to copy all of the data. I can then copy all the data onto some other storage medium, as long as the chip itself is not damaged. If you encrypt the data though, which is how all the most recent phones are by default, I have to actually repair the device to a level that it can boot, and the screen can be used in order to enter a password to decrypt the data. The chip off method has a much better chance of success.

5. Use better passwords and a password manager.

Companies get hacked all the time, and passwords are found through many of these hacks. If you always use the same login and password everywhere, you are running the risk of someone being able to hack other accounts you have. For instance, if you use the same password for Facebook as you do for your email address, you have just given access to a hacker that got your Facebook login information to 90% of your online identities. From there, they can go to any place and enter your email address in the field, and if you didn't use the same password, all they have to do is click the "forgot password" link, and gain access through a password reset.

To avoid this problem, there are many apps out there that can store passwords for you, and even generate pseudo-random passwords for you to use for websites, and even in apps. The most popular one is LastPass, but there are others. Sometimes your device will have such things that come with your phone by default, such as Samsung Pass, but they usually don't store passwords for as many apps as some of the aftermarket ones. This helps lessen the possibility that someone will be able to use passwords across different sites and compromise your data. This is a touchy subject for some, since if someone figures out one password, they can figure out all your passwords, but I think that as long as you make a single very good password, and only use it for your password manager, you will be protected much better in the long run than using the same password for everything.

6. Use a VPN (Virtual Private Network).

You have probably heard people pimping VPN services tell you that you should use a VPN. Well, I'm not advertising for VPN services, and I'm saying that VPN services can help you be more secure. There is quite a bit of information that can be found about you from your IP address. The biggest one is your location. Just by your IP address, your location can be narrowed down to at least the city you are in, if not a portion of a city, and it is even possible to narrow an IP address down to the exact address. This information alone can be used against you by someone that has bad intentions. A VPN will hide this. On top of that, ISPs can limit or restrict your access to different parts of the internet, based on your traffic. With a VPN, your data is encrypted until it gets to the VPN server, which prevents them from preventing such access since they don’t know what parts of the internet you are going to, or what type of thing you are doing on the internet. If you are intent on security, it is best that you ensure that the VPN you choose doesn’t log your data, otherwise, they are simply another weak link like your ISP is.

Now, it is not absolutely necessary that you follow any of these tips. That all depends on how secure you want your phone and information to be. The more of these things you do, the more secure you will be. Of all of these tips, the one I think is least important is using a VPN. Almost all your internet traffic is transmitted through secure services now days anyway, so most of your information is still secure. The biggest benefit to using a VPN is to prevent your ISP or law enforcement from knowing what websites you view, and what services you use, by snooping in on your internet traffic. At least now you will know your options, and why to use each one.

***
Timm Simpkins is the owner of Talova Communications, a Peru company that specializes in fixing today’s technology such as phones, tablets, and laptop computers. They repair what others can’t. 765-319-3455. https://talova.com/