10 Tips to Secure Your Smart Phone

November 05, 2013

In the days long before smartphones, I had little worry that someone was going to steal my flip-phone and even if they did, the most they could do was mess up my high score on my “snake” game. But now, in an age where we mobile bank, shop, and social network on our smartphones, you better believe my phone is always within view and reach.

But besides carrying it everywhere we go, what else can we do to keep our smart phones safe? The San Diego BBB is here with 10 tips for securing your smartphone and all the data stored on it:

1. Use a password: Even though this is the most basic thing to protect your phone, it is often overlooked. Having no access protection becomes an issue if your phone is ever lost or stolen – giving access to your email, browser history, applications (where personal information may be stored) to whoever gains access to your device. Swipe patterns are usually okay, but a four-digit pin is usually best.

2. Ensure your device self-locks: Most smartphones with allow you to set them up to automatically lock themselves after a period of inactivity. Choose the shortest timeout that you are comfortable with; recommended periods usually range from two to five minutes. While at times this may seem inconvenient, it will protect your device and information during times when you don’t manually lock your phone.

3. Install security software: Treat your smartphone like you would your computer and install security software accordingly. Apps that include malware prevention, remote data wipes, and privacy reviews alert you of potential risks to your device.

4. Only download apps from approved sources: Download your apps from a trusted source; the Google Play Store or Apple App Store take security very seriously and with withdraw apps that raise concerns after release. In addition, read user comments and reviews of apps before downloading; if there are any present security concerns, chances are someone else may have already mentioned them.

5. Check apps’ permissions: Many apps require more than basic default permissions. For example, many will force you to enable “location services,” ask for access to your contacts list and more. Be wary of an app like an alarm clock or calculator though that asks for these permissions – something may not be right.

6. Update your operating system: By updating your operating system, you are often patching up vulnerability in your device – it’s important to therefore install the update. To be safe, enable your device to alert you when there is an update available, instead of automatically installing.

7. Be wary of email or text links: Exercise caution when opening emails or texts that feature links – these are often linked to phishing scams. Whether they prompt malware to open on your device or trick you into sending personal information, these messages are dangerous. It’s best to not answer to these messages and delete them – replying to these messages may raise the scammers interest in you, leading to more pressure to respond.

8. Encrypt your device: Even if you’ve secured your smartphone with a password, a thief could still plug in your device into a computer and gain access to all of your personal information. Using encryption on your smartphone can help prevent such data theft.

9. Turn off auto Wi-Fi: While being able to connect to the Internet from our smartphones is great, continually connecting to WiFi hotspots is dangerous and may blindly give away information about your location and identity, as well as potentially allow someone to gain access into your apps and browser history. So tell your phone to forget networks you no longer use and configure your phone to turn off/on wireless in public places.

10. Turn off Bluetooth when not in use: Bluetooth and NFC (near field communication) are great in terms of connectivity, but open doors for scammers to gain access to your device and your data. Switch these features off or put your device into “not discoverable” mode whenever possible. Also, be careful when pairing devices – never accept requests from unknown devices.