Cell phone security

30 tech experts share important steps to securing your smartphone

Just a few years ago, cell phone security was the last thing on most users’ minds. But today, keeping your data secure on your smartphones is just as critical as securing your desktop and laptop computers. Perhaps even more so, given the many tasks people carry out on their mobile devices – often on public, unsecured Wi-Fi networks. For instance, handling banking via your smartphone on a public Wi-Fi network can leave your personal data vulnerable to attack, leading to identity theft, stolen credit card numbers, and more.

There’s also the issue of malware, which can gain access to your smartphone via the apps you download from third-parties. In short, there are multiple security concerns that cell phone users should be paying attention to, yet most fail to recognize the importance of using sound security practices.

To help mobile users learn the best ways of maintaining their smartphone security, we reached out to a panel of tech pros and gadget bloggers and asked them to respond to this question:

“What is the single most effective way or step a smartphone user can take to keep their cell phone secure?”

Meet our panel of technology and gadget pros and bloggers:


Dusan PetrickoDusan Petricko

@LIFARSLLC

Dusan is the Digital Forensics Manager at LIFARS LLC, an international cybersecurity intelligence and digital forensics firm. He has a decade of experience in the information and network security field. Dusan often leads investigations of high-profile cases for Fortune 2000 companies.

“Some of the best things you can do to secure your cell phone are…”

Oftentimes, we rely on technology too much. It is not the latest gadget with the latest screen and touch technology, it is the information accessibility that interests the masses. The information stored on that gadget, however, has a higher value than the hardware itself. There are many ways to secure your cell phone, but usually the basic steps will take you the furthest. There is no silver bullet to secure your mobile device thoroughly, other than not using it, of course. The following three steps will help increase the security of your mobile device:

1. Passcode lock (which is not your birthdate or street number) – on most modern devices you’ll be using your fingerprint to unlock the device in 98% of regular usage – so do not worry about the code being too long. Using your fingerprint to unlock the device prevents “shoulder-surfers” from seeing your passcode and the temptation to steal your device.
2. Encrypt the storage – again, most modern devices have the ability to encrypt phone storage. Some of them do it even by default seamlessly without the user even noticing. If your device is lost or stolen, even the more advanced adversaries will have little to no chance of getting to your data. Imagine what would happen if somebody got to your photos, messages, e-mails, and would have ability to log onto your social networking accounts.
3. Set up remote wipe – again most modern devices support this functionality. It is as easy as setting up iCloud on your iPhone or Google Sync on your Android device! If you lose your device, you’ll be able to wipe all data remotely using this feature. Remote wipe occurs as the first thing when the device connects to the internet. Often, you can also locate your device using other features this service will offer you and thus finding your misplaced, beloved information gateway.

Bonus points: Set up emergency contacts visible from pin entry screen. On iPhone, you can set this up in the Health app by filling info in the Medical ID and making it visible from the lock screen. This feature is also available on Android – depending on your Android OS version, it should be available in settings. This might help if somebody finds your phone, or worse, something happens to you, and they will want to call your emergency contact. Imagine what would be the first thing you’d do when you find a lost phone. Most people would try to unlock it and browse to the content – probably without malicious intent, but why give them the opportunity? Better be safe now, than sorry later!


Robert SicilianoRobert Siciliano

Robert Siciliano is an Identity Theft Expert with BestIDTheftCompanys.com and a #1 best-selling author. He is fun and funny, but serious about teaching you and your audience fraud prevention and personal security. Robert is a United States Coast Guard Auxiliary Flotilla Staff Officer of the U.S. Department of Homeland Security whose motto is Semper Paratus (Always Ready). His programs are cutting edge, easily digestible, and provide best practices to keep you, your clients, and employees safe and secure. Your audience will walk away as experts in identity theft prevention, online reputation management, online privacy, and data security.

“There are a few important steps for securing smartphones and cell phones including…”

1. Phishing maneuvers are a leading way that cybercriminals steal data. Research shows how easy it is to get victims to fall for these scams: they receive an email that has an urgency to it (e.g., subject line: Get back to me asap). Inside the message is a link that the sender urges the recipient to click on. The link takes the user to a fake website that lures him or her into revealing sensitive company information.

2. The sender may pose as a bank or someone with authority. Even after being taught about phishing, you may still be suckered into clicking on a link inside an email – as staged phishing attacks have shown. To make things simple and to avoid confusion, simply do not click on any links inside emails. No exceptions. Tell them that nobody will be penalized for not clicking on a link inside an email.

3. Be suspicious of free download offers.  Clicking on these could activate a computer virus.

4. Buy applications from a trusted app store rather than from third-party sources. It’s hard to know what those third-parties’ true motivations are.

5. Protect all of your devices with passwords. If you leave a device unattended or it’s lost, could the finders get into any documents, or have to type in a password (which they don’t know, of course)?

6. All devices should have a wipe function. If the device is lost or stolen, all the data on it can be eradicated – remotely.

7. All devices should be set to erase all of the device’s data automatically after a set number of password attempts. This will discourage hackers.

8. All devices, especially Androids, should be required to have anti-virus software. This protects the device from malware that comes with an app that’s downloaded.

9. Never “jailbreak” or “root” a mobile device. Malware can infiltrate if the walled garden of the device is broken down because the user has manipulated the device’s factory-installed operating system.

10. Activate your update alerts immediately, rather than opt for “remind me later”. These updates patch up security holes so that evolving cyber-pathogens do not gain entry.

11. Wi-Fi in public is not secure. Even though connections to public Wi-Fi will say they’re not secure, not all users notice this alert, and some may not even know what it means. Instead, using a virtual private network (VPN) will significantly boost security for your sensitive data. A VPN service such as Hotspot Shield VPN encrypts all cyberspace transmissions, scrambling them so that hackers can’t make sense of them.

A significant volume of data leakage stems from simple carelessness and lack of information and knowledge about security. What have you done about this threat at your own company?


Eric BowenEric Bowen

@BroadbandSearch
@E_Bow15

Eric Bowen is a Content Coordinator and Assistant Developer at Broadbandsearch.net.

“At their core, modern cell phones are really just computers. As computers, they are open to a host of vulnerabilities relating to the software they run and the connections to the outside world that they make. I would say that the single most effective way to keep your cell phone secure would be to…”

* Limit your connections to the unknown. This would really include a number of steps on your part, but three can be accomplished rather easily without limiting much in the way of functionality for your device.

* Disable automatic connections to open WiFi and only connect to trusted networks. Data transmitted over any connection that you don’t fully control could potentially be compromised. If you absolutely need to access WiFi on an untrusted network, I would recommend using a Virtual Private Network (VPN), and always opting for web connections using HTTPS when possible.

* Disable the use of apps not downloaded from your device’s app store. There are rare exceptions, but generally speaking, apps on the Apple App Store or Google Play store have been verified to be non-malicious. Apps from unknown sources may attempt to provide undesired access to your device from third parties.

* Lock your device with a password. Limiting physical access to your device will also limit undesired and unknown access to your device.


GoodCellas.comFrank Cuffaro

Frank Cuffaro is the President and Founder of GoodCellas.com, a cell phone resale company based in Long Island, New York. Frank has been in the business for more than 10 years, and prides himself as a cell phone expert.

“The single, most effective way a user can keep their cell phone secure is to…”

Enable the pass code access lock feature, and use a strong alpha-numeric pass code. A typical four to six digit pin can be easily cracked in seconds, while a strong nine or more character alpha-numeric pass code could take years, or even decades to crack. Combining lower-case letters, upper-case letters, numbers, and special characters increases the strength of the pass code exponentially. This ensures that all of the user’s personal information and data contained on the phone are encrypted and almost impossible to access if the device is compromised.

Another useful method is ensuring that a software kill switch is activated such as iOS’s iCloud or Samsung’s Re-Activation lock. This allows the user to remotely wipe out all data contained on a device with a few clicks. However, by the time a user realizes their phone is missing and initiates the data wipe, it could be too late. The phone’s data could already be comprised, which is why enabling a pass code lock and using a strong, secure pass code is the single most important step in securing your device.


Lee MunsonLee Munson

@Security_FAQs

Lee Munson is a security researcher for tech comparison site Comparitech.com and an avid 140-character commentator via his @Security_FAQs Twitter account.

“While theft and accidental loss remain huge potential concerns for smartphone users, the possibility that their private conversations could be monitored and recorded by increasingly information-hungry governments is a growing concern. The most effective measure to counter that risk lies in…”

The choice of messaging service.

Users of Apple devices, for instance, have the company’s own iMessage service – which offers end-to-end encryption (undecipherable to anyone but the sender and receiver) on messages sent to other owners of the company’s products – to thank for keeping their communication private.

Meanwhile, owners of other devices can enjoy a similar level of protection via an increasingly large number of popular apps, including perennial favorite WhatsApp, which promises to scramble their messages in a way no law enforcement agency can circumvent, as far as we know.


Anna TateAnna Tate

@IPVanish

Anna Tate works in marketing communications for IPVanish.com.

“The single most effective way to keep your cell phone secure is to…”

Encrypt and anonymize every transaction. We, of course, recommend using a VPN like IPVanish – we do not keep logs, so your data is safe and encrypted. We also offer a kill switch, so if you lose your VPN connection, your Internet connection can optionally be disconnected as well, so as to not transmit sensitive data.

If you want to take an extra step or two, you can use an anonymous payment method, such as Bitcoin, so your financial data is not logged. You can create a separate email address for sensitive transactions through a service like ProtonMail. In short, the more anonymous you are, and the more precautions you take to encrypt your data, the safer your communications will be.


David XiongDavid Xiong

@JITOutsource

David Xiong is the VP of Technology for J – I.T. Outsource.

“The single best thing you can do to secure your cell phone is to…”

Use a stronger password by making it longer (good advice for any device that has a login or password). Take advantage of the 6-digit option on your iPhone. Your Android can have up to 16 digits for a numeric password.

 


Katrina PowerKatrina Power

@BestBackups

Katrina is a Canadian writer currently living and working in Hungary. She writes about technology, cyber security, and online backups for 4Choice.

“The best way to keep a smartphone or cell phone secure is…”

Ransomware is one of the biggest malware threats that exist today. And while many are familiar with the fact that it attacks computers, few know that it can attack mobile phones as well.

Given that many people keep a lot of their personal and financial data on their smartphones (not the type of information you want held ransom by cyber criminals!), they should take the necessary precautions to secure their smartphones from ransomware and other malicious technological viruses.

My top tips are to download a mobile security software and to properly backup your phone. That way, should your phone get infected, you can wipe and restore your phone without losing your data.


Zach TaijiZach Taiji

@azntaiji

Zach Taiji is a digital publicist for PulpPR, working primarily with technology startups to help fuel his passion for technology and gadgets. During off-hours, Zach moonlights as a graphic/web designer and photographer.

“Besides the obvious – setting a strong lock screen password – it’s important to…”

Set unique passwords for each of your apps. That way, if someone does get into your phone, they’re limited to the data they can access.

For instance, lock screen password 1234 won’t work when trying to access your Bank of America app, because it has a different password, effectively preventing valuable financial information form being accessed.

Make use of password manager apps like 1Password to keep track of all your different passwords.


Mike CobbMike Cobb

@drivesavers

Mike Cobb is the Director of Engineering at DriveSavers. As Director of Engineering, Mike Cobb manages the day-to-day operations of the Engineering Department including the physical and logical recoveries of rotational media, SSDs, smart devices, and flash media. He also oversees the R&D efforts for past, present, and future storage technologies. Mike makes sure that each of the departments and their engineers are certified and that they continue to gain knowledge in their field.

“Here are a few top tips for keeping cell phones secure…”

* Download phone apps from trusted sources only, like the Apple Store and Google Play. Do not put any unsolicited software on your phone.

* Back up your phone regularly. Make copies of important contents and store them on a computer hard drive or through a cloud-based backup service.

* Keep your operating system software and app software current with the latest updates from the manufacturer. Updates will likely include security improvements too.

* Shut down Wi-Fi and Bluetooth connections when you’re done, and be sure to only use trusted Wi-Fi providers.

* Some apps need permission to access personal information and some don’t, so be careful to check the privacy setting for any app before you install it on your device.


Bill CareyBill Carey

@RoboForm

Bill Carey is Vice President of Marketing & Business Development at Siber Systems Inc., which offers the top-rated RoboForm Password Manager solution.

“There are a few important ways all smartphone and cell phone users should protect their device security…”

90 percent of workers in the United States use their personal smartphones for work purposes. As the BYOD movement gains momentum, so too do security threats. There was a 25% increase – up from a 20% increase the year before – in malware infections on mobile devices in 2014.

Data security is one of the biggest risks. Employees who are using their personal devices for work put corporate content and data at risk – whether it’s contacts, messages, a sales report or new product information – whenever it is accessed from outside the corporate network or shared with multiple users. To be kept secure, data must be encrypted.

App security is also a risk. Employees frequently use consumer apps when doing work from their mobile devices. In fact, in a Cloud Security Alliance report, over 70% of CIOs and CISOs admitted they don’t know the number of applications and IT services used without their consent. However, most consumer apps don’t have strong encryption standards or enable secure data transit. They do not provide the required enterprise-grade security and archival capabilities, and this leaves users (and their employers) vulnerable to attack.

Device security is another issue. If a device is lost or stolen, that puts companies at risk, especially if the data and apps are not properly protected. Given that 1 in 10 smartphone owners are victims of phone theft, according to Lookout Mobile, and that on average consumers lose their phones about once a year, this is a big risk.

The most important strategy is to password protect your phone and data. If an employee is using their personal devices for work and that device is lost or stolen, cyber thieves may be able to log in and collect sensitive company data, as well as personal account information. However, 62 percent of smartphone owners don’t password protect their devices. Password-locking your phone is essential for protecting your information.

Sensitive data on your phone (or the apps they are in) should also be protected with a strong password that contains upper and lowercase letters, as well as numbers and symbols. Consider using numbers and symbols that resemble letters to strengthen your password while keeping it easy to recall, e.g., “B@seb@11” instead of “baseball.”

In addition, it’s a smart idea to use a different password for each secure site and change it every 30-­60 days. When a data breach occurs, cyber criminals often sell the information to third parties before the theft is detected. If you change your password regularly, you’ll have a better chance of ensuring that a new login protocol is in effect when the third­-party buyer tries to use your password.

To keep track of all these passwords, consider using a password management system. Passwords are the first line of defense, but creating strong, unique passwords and changing them frequently can be a hassle. Password management software automatically handles password creation and changes, and only requires users to remember one password.

It’s also important to be wary of phishing scams. These scams occur when a cyber thief calls or emails while posing as a banking or merchant account official and attempts to collect login information. A sophisticated scammer can create a site that looks legitimate, so never give out unsolicited account information or provide information through a source that is not secure.

Finally, make sure employees know how to keep company information safe. In the “bring your own device” (BYOD) era, it’s more important than ever to make sure team members understand how to operate safely online using their own devices or company equipment. Provide employees with the training and resources they need to operate devices safely.


Lewis DanielsLewis Daniels

@SalvadorPartner

Lewis Daniels is the Founder of Salvador Partners.

“Initially the first thing you can do to secure your smartphone is to…”

Add apps for things like antivirus. Then you need to look at what aspect of securing your device you are aiming for: is it securing the communication channels, securing the data at rest or authenticating into a system or service on your device?

Some obvious advice is to only download apps from trusted sources – iTunes and Google Play etc., and utilize features like biometrics on your device. Finally, keep your device’s regular updates up to date.


Silvana DemeterSilvana  Demeter

@silvidemeter

Silvana Demeter is a tech enthusiast, cybersecurity fan, PR professional, dog person, wanderlust sufferer, and daydreamer. Efficiently combining top notch security software promotion with the fight against censorship and freedom of speech, Silvana is aiming for a free Internet where digital citizens can enjoy privacy and are free. She works for CyberGhost VPN.

“Securing a phone can be done in various ways but ideally, one would use only…”

One product to keep private data secure and avoid phone hijacking. Judging by the infection vectors, a cell phone, and the data on it can be compromised through various means, each different but with similar consequences: personal data theft, privacy infringement, financial fraud, unwanted access to content on the phone, access to personal accounts, or even access to the camera or mic.

A product that protects users from becoming a victim is a complete VPN security solution such as CyberGhost VPN. Once connected to a VPN, all communications are encrypted, no intercepts are possible while on WiFi’s or on mobile data. With an integrated anti-malicious websites module, CyberGhost warns users about the lurking dangers online. Given that more than 60% of the attacks are made through unsafe websites, this tool comes in handy when making online payments or providing sensitive information. Users can enjoy a private browsing experience while tracking attempts are blocked. A sole antivirus solution doesn’t encrypt data so connections are still vulnerable.


MiPhone DoctorJeff & Deadrea Clemmenson

@PhoneDocFresno

Jeff & Deadrea Clemmenson are iPhone repair technicians and the owners of MiPhone Doctor of Fresno.

“The single most important thing cell phone users can do to stay secure is to…”

Read the full detailed description of any app you download. You’ll be shocked at how many of them request access to things they don’t really need such as your camera, flashlight, speaker, contacts, and more. Find an alternative to any that are too intrusive. They might have just been a lazy developer…or they have motivations beyond selling an app in mind.


George TatarGeorge Tatar

@akruto

George founded Akruto, Inc. in 2010 to help people keep their private information safe and readily available wherever they go. Prior to founding Akruto, George managed teams of engineers at large companies as well as successful start-ups. George received his Master’s degree in Information Technology from Harvard Extension School in 2005. Prior to that, he attended Boston University, where he graduated summa cum laude in 1988 with a Bachelor of Science in Engineering.

“The simplest thing one can do to secure his or her sensitive data is to…”

Start owning it. Move away from storing private and sensitive information in the public cloud, where it can be stolen or leaked. To quote Steve Wozniak, co-founder of Apple, “With the cloud, you don’t own anything. You already signed it away.”


Andrew McDonnellAndrew McDonnell

@AsTech_infosec

Andrew serves as the principal security consultant for AsTech Consulting, independent cyber security experts specializing in software and IT infrastructure security. Andrew has designed enterprise vulnerability management programs and developed robust security practices into software development life cycles (SDLCs) for Fortune 1000 clients.

“If I have to pick one thing, the most important thing you can do to enhance cell phone security is…”

Software updates. Keeping your software current will protect you from attacks that have been addressed by manufacturers. When choosing a phone with security in mind, it’s essential to select a model that will be updatable over its life. Hundreds of millions of Android phones are stuck on versions of the operating system that can never be patched and are trivial to compromise. I also want to sneak passcodes and encryption in here. Updates protect you from Internet hackers, and phone encryption protects you from attackers who get their hands on your phone.


Cherise Gutierrez Cherise Gutierrez

@chuckharold

Cherise Gutierrez is the CyberGal at SecurityGuyRadio.com & CEO of CyberThreatBeGone.com, providing network security solutions to small and large businesses.

“The single most effective step a user can take to keep their cell phone secure is…”

It’s user behavioral adjustments. Just as if you were securing your laptop or desktop: use strong passwords, don’t use untrusted Wi-Fi networks, use Https connections, check your application security, end point browser filtering, etc. It is more of a holistic approach than a single action.


Rob BoirunRob Boirun

@reviewster

Rob Boirun works for Reviewster.

“My biggest tip is to encourage people to use a…”

VPN on their cell phones. Mainly because if you are in public Wi-Fi spots, your connection is insecure. While using a VPN your connection would be encrypted so that there is not a chance your activity can fall into the wrong hands. There are free VPNs that you can use, but typically you will need to keep changing the IP because these come and go. There are also plenty of VPN providers that have apps that you can simply start up and press a button to get protected. Searching the app stores for a VPN will return plenty of options so that you can easily protect your connection.


Liz TheresaLiz Theresa

@LizTheresa

Liz Theresa is an online marketing expert and web designer who hails from the Boston area. She specializes in helping women launch and build online businesses they love. To download her free guide, visit www.liztheresa.com.

“There are so many answers to this question because there are so many things we do every day with our phones that compromise our security. In my opinion, one of the things people don’t do enough is…”

Protect their cell phone data security when using public WiFi. This is especially essential knowledge for any commuters who traipse through Starbucks or anyone traveling through the airport — if you are connecting to that public WiFi, your data has an extremely high risk of being compromised: emails getting read, documents and photos being copied and saved – who knows?

Bottom line: Use VPN. VPN stands for Virtual Private Network. VPNs allow you to access the Internet using a private network even though you’re connecting to public WiFi. I use privateinternetaccess.com personally (and am in no way affiliated with them), but have had a good experience and now connect to public WiFi without fear. Download the app to your smartphone and off you go!


Cliff RohdeCliff Rohde

@GoatCloud

Cliff Rohde is the principal and owner of GoatCloud Communications. Cliff has years of communications, technology, and advocacy experience in the for-profit and not-for-profit worlds. He built his first website in 1996.

“The single best thing users can do to protect their security on their cell phones is…”

Using public Wi-Fi? Use a VPN.

A central concern when it comes to smartphone use is WiFi security. There are many places where you can hop on to a free WiFi connection (think your favorite local coffee shop), but who else has hopped on, and is anyone monitoring what you do there? Do you bank online? Do you check corporate accounts? Even if you’re just checking your own email, do you enter password information? All of these online activities pose substantial security risks.

To prevent unwanted monitoring of my wifi connection, I often use a third party service called GhostPath (I have no connection with the company or service other than I’m a paid user; there are other similar services out there and you should research them yourself.). GhostPath allows me to create a virtual private network (VPN) connection, which is kind of like a tunnel – created via encryption – between my device and the Internet locations I’m visiting. All others are not invited inside that tunnel. It permits reasonably private and anonymous web browsing and can permit an end around to bypass unwanted web browsing restrictions. To get GhostPath working, I use the free OpenVPN app on my Android device. I frankly never get onto a free public WiFi hotspot without launching my VPN, and if it doesn’t work for some reason, I avoid getting online.


IP VanishJosh Gagliardi

@IPVanish

Josh Gagliardi is the CTO for IPVanish VPN and a software engineer from the dark ages of the Internet with five protocol implementations still in daily use. Today he focuses on VPN privacy and security, including creating products based on speed, encryption, and convenience. He also excels at finding analogies to explain security to non-technical folks.

“The most effective way to protect cell phone security is…”

Users should always use encryption apps to keep their cell phones secure. Whether they choose IPVanish VPN or not, and we hope they do, encrypting your data not only prevents hackers from accessing sensitive data, it also keeps your online presence and information private. IPVanish itself keeps no logs and is a Top Tier VPN – we have over 500 servers in 60+ countries worldwide.

Other benefits to using a VPN include eliminating geo-targeting, saving on long-distance VOIP calls, and bypassing censorship. We also now offer a kill switch so if your VPN connection is lost, it terminates your internet connection – keeping your data safe and secure.


Cesare GarlatiCesare Garlati

@prpl_foundation

Cesare Garlati is an internationally recognized leader in mobile and cloud security. Former Vice President of mobile security at Trend Micro, Cesare currently serves as Chief Security Strategist at prpl Foundation and Co-chair of the Mobile Working Group at Cloud Security Alliance.

“The single most important thing users can do to keep their smartphones secure is to…”

Be smart about the apps they install and use every day. When they get a new app, it’s important to download from a trusted source — for most of us that means going straight to the AppStore for iOS devices or Google Play for Android. Jailbreaking or rooting your devices in order to use “open repositories” or app stores exposes you to unnecessary risk, especially if you are not an advanced user.

Once an app is installed, keep it up to date — this applies to the applications on the phone and the operating system itself. New vulnerabilities are announced and patched every day, and every single app has the potential to compromise your device and your data. Don’t ignore those update notifications, even if they pop up at an inconvenient moment. It’s far too easy to perpetually delay updates until it is too late!


John KoetsierJohn Koetsier

@johnkoetsier

John Koetsier is TUNE‘s mobile economist.

“Here’s a super-simple way to enhance your cell phone security…”

Turn on Limit Ad Tracking. This will anonymize you to the vast majority of app and mobile web ads, and vastly increase your digital privacy on mobile.

I recently completed a study on Limit Ad Tracking, studying 1.3B installs by 150M people and surveying 4K smartphone owners. While 30% of smartphone owners think they have enabled LAT, only about 12% of iOS users and 20% of Android users actually have.


Eric BrantnerEric Brantner

@Eric_Scribblrs

Eric Brantner runs several blogs in a variety of niches. Some of his blogs get over 500,000 hits a month, mostly from organic search traffic. They’ve also been featured in USA Today, Time, MSN, TechCrunch, Fortune, and other top publications. He’s also been a freelance writer for 10 years. He’s now launched Scribblrs.com, a site where he shares his experiences and tips for those looking to start blogging.

“The simplest way for users to keep their cell phones secure is easy…”

Use WhatsApp for messaging. Now WhatsApp is encrypting all messages, so no one else can read them. This isn’t the case with iMessage, Slack, etc.


Jacob RalphJacob Ralph

@ClientBookCRM

Four years ago, Jacob Ralph co-founded Client Book CRM, a retail specific CRM and marketing platform for luxury retailers and jewelers. Today, he acts as CTO and Partner at Client Book CRM and deals with mobile security on a day-to-day basis.

“In my opinion, the single most effective way to help keep your smartphone secure is to use…”

A passcode or some type of locking mechanism with an aggressive time-out. This way if you aren’t using your phone for a short period of time, your phone will lock and you will be requited to type in a passcode, use your finger, or complete a pattern correctly to regain access. Believe it or not, this basic safeguard is sometimes overlooked, generally for the reason of convenience. If you don’t have some type of authorization control in place and you lose your device, anyone can gain potentially harmful access to your social media accounts, email, and any other application or service on your device that doesn’t require any additional authentication. Also, don’t set your password to 0000, 1111, or 1234. This will also put you at risk since these are likely the first combinations someone will try when trying to gain unauthorized access to your device. I’ve seen these taken advantage of on a number of occasions, specifically one where a colleague of mine simply did not set any type of locking mechanism on his device, lost his device, and someone found it and gained access then went on to maliciously take advantage of the situation.

I don’t think smartphone security is limited to just a good locking mechanism though. I’d also recommend:

1. Don’t give out your devices IMEI or MEID numbers. I’ve actually seen email scams where unknown senders pose as a representative from a telecommunications company such as Verizon and ask for these. It is not safe to give these out for a number of reasons such as the potential for hackers to use this information to clone your device and use it maliciously.
2. When on public internet access, use a VPN. In fact, I’d recommend always using a VPN. Personally, I have had a very good experience with Private Internet Access.
3. Set up a way to remote lock or remote wipe your device. There are different ways of doing this depending on your device but if you every loose a device with sensitive information or your device starts getting used maliciously, you can prevent potential damage or further damage.
4. Turn off WiFi and Bluetooth when not in use.
5. Stay up-to-date, especially when it comes to the device’s operation system. Generally new updates include security patches for security issues and vulnerabilities.
6. If you’re on Android or have a jailbroken iOS device, only download apps from trusted stores. This will help prevent you from downloading apps that try to access information you don’t want them to or apps that are malicious in one form or another.
7. Always factory reset and clear data on your device before you sell or recycle.


Emmanuel SchalitEmmanuel Schalit

@dashlane

Emmanuel, CEO of Dashlane, has more than 20 years of experience in executive management of global businesses and product innovation across the high-tech and media industries. He earned a master’s degree in Engineering at France’s leading Engineering school Ecole Polytechnique in Paris, and a Ph.D. in Computer Science from Université de Toulouse; he also studied in the Executive Education Program at Harvard Business School.

“To make smartphones more secure…”

Do not use Wi-Fi connections that aren’t yours (Think: your coffee shop Wi-Fi, the free Wi-Fi in your building, or even the airport). Also, delete Wi-Fi networks from your devices that aren’t yours, and make sure to secure your Wi-Fi connection with a unique, private password. In fact – use strong, unique passwords everywhere.


Saqib ZahidSaqib Zahid

@saqzahid

Saqib Zahid is a Senior Brand Strategist at PureVPN.

“The most effective way for an individual to safeguard his smartphone is to…”

Opt for the built-in encryption feature in the phone. Encrypting the phone will store all the phone’s data into scrambled unreadable form. In case the phone is stolen, the thief cannot access your emails, photos, and personal information as he cannot decrypt your phone without the PIN or password you set while encrypting the phone.


Yossi AmaraYossi Amara

@Outbrain

Yossi Amara (CCISO, CRISC), VP of Information Security, joined Outbrain in January 2014 from Conduit. A seasoned security veteran with extensive experience in information security, risk and information systems control, Yossi manages information security at Outbrain. In this role he is responsible for putting methodologies and policies in place, dealing with business continuity, and disaster recovery as well as data protection and privacy.

“The first thing a user needs to do is to ensure that they…”

Install a software which locks their device and allows them to conduct a remote ‘data wipe’ should their device be lost or stolen. Many companies will install a service such as MobileIron, Okta, or Airwatch, but there are a number of low-cost or free to install services that are available to all. Some of the best include Cm security, Avast solution, and ESET mobile and security anti-virus. All three solutions are available for Apple and Android based devices.

My second and very important piece of advice is to only install apps from known sources.


NextWorthBrendan McCue

@NextWorth

Brendan McCue is a gadget analyst and sales manager for Nextworth, the electronics trade-in and recycling service. With over 15 years of experience in the trade-in and buyback industries, Brendan has deep knowledge of the consumer electronic industry as well as an in-depth understanding of hardware and software for CE devices.

“The single most effective step a user can take to keep their cell phone secure is to…”

Run regular software updates. With the large amount of software and communication functionality in each phone (as well as all of those apps we love so much), security patches and bug fixes are always being released. The best thing to do is to run those updates which address vulnerabilities.


Steve J. HartmannSteve J. Hartmann

@HelloTech

Steve J. Hartmann is the Vice President, Marketing for HelloTech. HelloTech is an in-home tech support service based in Los Angeles. With same day appointments and simple hourly pricing, HelloTech is looking to become the Uber of tech support.

“Here are a few valuable tips for making your smartphone secure…”

1. Create a strong password for your mobile device. Make your password easy to remember but hard to guess. Don’t use common words, names. birthdays, or personal information.

2. Use device auto-lock feature. This will prevent your phone from staying open and available for others to access.

3. Don’t share your device with others. Mobile phones only have one user account; therefore, one password accesses all the data in the phone.

4. Delete text messages or emails that may contain sensitive information. If you need to send over a copy of your social security, passport, or any personal data, it is best not to keep a copy on any of your devices.

5. Be cautious about what applications you download. For the most part Apple and Android won’t let you install an app that has not yet been trusted or certified. However there are ways around this, so make sure the app is secure and trustworthy. If you have an iPhone, you want to download apps from the App store virtual market. If you have an Android phone, the Play Store virtual marketplace is the way to go.

6. Do not Jailbreak or Root your mobile device. Doing either of these will grant you access to free content but will put your phone and personal information at risk.

7. Ultimately, keep your phone backed up, don’t open any unknown emails, and don’t download apps from unknown sources.

leave a comment

Your email address will not be published.

Recent Comments