All Sections

Smartphone Security: Top Tips

You’ve just got a new phone for Christmas and it’s amazing. It’s got a great camera, it can hold thousands of MP3s and it does everything. By now you’re fairly enamoured with it and it’s already become a part of you. You wouldn’t know what to do if you lost it, somebody stole it or… it doesn’t bear thinking about.

The sad truth is that people do lose phones and phones do get stolen. Especially fancy, expensive ones that’ve been given as Christmas presents.

The good news is that there are a few things that you can do to make locating and getting your missing phone back easier (or at least a distinct possibility). And, if it’s looking like there’s no chance of getting your phone back, there are measures that you can take to ensure that any private information stays private.

As well as this, there’s also things that you should keep an eye out for when you’re using your phone. It’s becoming increasingly common to hear about security exploits and malware affecting phones, particularly Android phones, so brushing up on some security know-how has never been more important.


Phone Security: Secret codes and passwords

Don’t save passwords

The whole point of passwords is so that anyone who picks up your phone will have a hard time getting accessing secure information.

So when a website or app asks to remember your password, we’d recommend to always choose the ‘Never’ option. The inconvenience of having to enter your password each time has to be less worrying than the thought of someone getting hold of your PayPal details.


Lock your phone with a PIN number or password, enable auto-lock where possible

Lock your phone with a PIN number or (even better) a password if possible. We’d recommend not using the Android 3×3 locking grid; if the touchscreen of your phone is particularly fingerprinty, it’s easy for someone who picks up your phone to discern the pattern by holding it at an angle.

And if you’re going to use a four-digit PIN, please make sure that it’s not one of these.
Finally, where possible, enable an auto-lock setting so that if your phone falls into a dormant state and the screen goes blank, the phone will be locked whenever you pick it up again. Many phones have this as a default setting already so you won’t necessarily have to do anything.

 


Add a new PIN number to your voicemail

The PIN number for your phone’s voicemail account will be a default password depending on which network you’re on. Your voicemail can therefore be accessed by anyone who gets through to your voicemail, presses the ‘*’ key and then correctly guesses the voicemail PIN.

If your voicemail PIN Is the default network one and you haven’t set one up, then you’ve effectively handed someone the keys to your voicemail.

Changing your voicemail PIN however is easy; we’ve published a detailed guide on exactly how to do it here. Even if you don’t check your voicemail very often you should definitely change your PIN.


Phone Security: Surfing clever

Don’t respond to suspicious emails or text messages

Any emails or messages that come from suspicious looking sources ought to be treated with suspicion. Where possible flag as spam anything that doesn’t look totally kosher (in the case of emails) before deleting and immediately delete any dodgy-looking text messages.

Turn off Bluetooth and Wi-Fi when not needed

As well as eating a hole into your battery, turning off Bluetooth and Wi-Fi when they’re not needed is a smart move; any active wireless connection to your phone could potentially see your phone hijacked and compromised.

If your phone has Bluetooth on and its discoverable there’s every chance that your phone could either be directly hacked or could be infected by a virus.

For this reason we’d recommend only having Bluetooth turned on when you’re using it and even then making it undiscoverable after you’ve paired devices. The same goes for Wi-Fi; if you’re connected to an open, public Wi-Fi hotspot on your smartphone, there’s potential for danger there as well.

Only install if you’re app-solutely sure

The open source nature of Android allows for some great possibilities such as custom ROMs and the ability to root your phone. But the flipside to this freedom is that there are also an awful lot of spam apps in the Android Market.

We regularly hear stories of premium rate Trojans masquerading as popular wallpapers and games in the Market and people falling for them.

Our first rule of thumb when downloading apps from the Market is to only download apps and games that you’re 100 per cent sure are safe and legitimate. Don’t download anything Angry Birds unless it comes from Rovio, or you really, really, trust the developer.

Which leads us on to our second rule; trust. If you like the look of a neat utility app, check out the developer’s website. Does it look safe? Are there any positive user reviews? Has the dev left an email address/Twitter handle so you can get in contact? Are you comfortable with the permissions that the app is asking of you?

If you see a Hello Kitty wallpaper app that’s asking permission to read your phone state, access the internet and access your contacts and it hasn’t been made by Sanrio, we’d be a bit suspicious.

This goes for apps installed from third party locations as well. Apps downloaded from sites like GetJar are safe bets but other sites and app directories might not have the best intentions.


Phone Security: Remote controls to locate, lock and wipe your phone



Install a security suite

As well as exercising diligence with what you choose to install on your phone it’s not a bad idea to go one better and get an anti-virus app on your phone as well. The better ones out there will automatically scan any apps that you download and alert you if there’s anything suspect.

Top apps include Lookout Security for iOS and Android which does just this, while acting as a service that will track your lost phone, using cellular data and GPS (if its turned on) to pinpoint your phone’s location on Google Maps.

Free to download, this is one of the better ways of locating your phone if it goes missing, it’s been stolen or you’ve left it on the train. If you think that your phone has indeed been stolen, then you’ve got the ability to remotely erase all information on the phone, deleting contacts, pictures and other sensitive information.

iPhone owners also have the option of using the MobileMe and Find My iPhone apps to track their lost iDevices. Free to those running iOS 4.0 and above, this allows you to track your misplaced iPhone by going to http://me.com and signing in with your Apple ID.

BlackBerry owners can make use of the free BlackBerry Protect app to find and/or remote wipe your handset via logging in with their BlackBerry ID at the BlackBerry website.

Windows Phone phones get this functionality built in; you can track, remotely lock or wipe your phone by going to windowsphone.com and signing in with your Windows Live ID.

  
Keep up to date with your updates  

As and when major security loopholes emerge, mobile OS developers are pretty good at keeping on top of things. When it emerged that the Smart Cover for the iPad 2 could unlock the screens, Apple quickly rolled out an update to iOS 5. Similarly, Google wasted little time updating Android 2.3.3 Gingerbread to 2.3.4 when a major security loophole became known. Keeping your phone’s software updated to the latest version is another good way to stay as secure as possible.

Lead image credit: Flickr user CarbonNYC

Comments