My post today shall cover some useful tips on securing your smartphones. While my focus shall be on the two most popular mobile operating systems in the world(I mean iOS and Android), my recommendations will be useful for every smartphone out there. This tutorial shall cover areas like; how to have all your data intact in case your phone is compromised, how to recover(some high-end phones by default and others via 3rd party app) your phone in the event of theft, How to avoid being scammed unknowingly via your phone and finally how to prevent your phone from being hacked
Smartphones have come to define us by being the portal to our online identity and as such should be treated with care and secured against any wrongdoing online (hacking) or offline (stolen). If you are not careful, losing your smartphone may mean more than just a loss in contacts and phone numbers. We’re talking about your social media accounts, your synced files, important documents, your emails, photos and messages. Your entire information is traceable and downloadable and may be shared all over the World Wide Web if you are not careful enough.
- Lock your phone’s screen: This is the default and the simplest way to protect Android when your phone or tablet falls into the wrong hands. These days you can set a PIN lock, pattern lock, password lock and, if your device supports it, a fingerprint or eye scanner lock. It’s so easy to do you really have no excuse. Head to Settings > Security > Screen lock to get started. Note: i choose fingerprint unlock as the best option. However there is a slight flaw with current fingerprint unlocks. Someone very close to you can use your finger to unlock your phone while you are asleep or unconscious. I have two ways of countering this; 1. if i want to sleep i will off my phone(if the phone is switched on for the first time, the fingerprint wont work unless you first enter your password) 2. and the most reliable one, i lock my app individually using an app locking app downloadable from googleplay store
Don’t download apps outside Google Play
By default your Android phone or tablet won’t let you sideload apps from anywhere other than the Google Play store, but it’s easy to get around this in Settings > Security > Device Administration > Unknown sources. Google has no control over apps outside its app store, so only those who really know what they’re doing should even think about sideloading, and doing so only from trusted sources. All you who search the internet for modded or cracked Apk, Please know what you are getting into. It is at your own risk
- Do not save all your passwords on your phone: Many users tend to save their passwords to online services and sites on their device, never once thinking about what it would mean to a person who got their hands on the phone. Avoid having all important passwords saved in your device particularly when it comes to banking or payment apps.
- Lock Your Apps Individually On Android: It is necessary to lock your apps, especially the ones holding private information that you wish nobody but you could see. This is a second layer of security to prevent anyone from using your lost device particularly if they have managed to bypass your locked Android. I usually use “app lock” from googleplay store to lock individual apps like Facebook, message, contact, or even whatsapp. Warning: do not use this against the law enforcement agents has it will do you more arm than good. If you are in Nigeria especially, you will open everything yourself once you are thoroughly tortured. Be law abiding, only secure yourself against people, do not use your phone to hide illegal information.
- Make sure you regularly update your Android or Iphone to the latest software unless you have a reason not to. Try as much as possible to avoid custom roms for android unless you are a mobile geek: app updates don’t just bring new features, but also bug fixes and patches to security vulnerabilities. You should ensure your apps are set to auto-update over Wi-Fi in Google Play’s Settings > General > Auto-update apps menu, and make sure you have have applied any new operating system updates in Settings > About Phone > System updates
- Always Backup your Phone’s data especially when the going is good: It is best to backup your phone while nothing is wrong yet. This is important especially in the event you lose your phone to hackers or your phone has got a virus. your backup can be restored and you continue as if nothing has happened. We have two major ways of backing Up, 1. offline backup(to your computer using a computer software) 2. Online to A cloud service like icloud, googgledrive, onedrive or similar cloud services. Note: Only major brand name phones comes with cloud options by default. Apple has iclloud. Other android has googledrive with 15gb free space. Samsung now has a pact with one drive for 100gb free space. You have to get a very fast and reliable internet connection to be able to backup your data to a cloud service. A backup of your precious data is a must-have in the day and age of smartphones. Picture the worst case scenario where your Android device has been stolen or hacked. The last thing you can do is perform a remote wipe (see #10). Without a backup, you will lose all your information in your device.Even if you could retrieve your stolen phone, chances are that hackers that have managed to access your device will render it useless. If you have a backup however, you can still restore your Android device back to its original state. You can choose to backup important information to the Cloud, your desktop or even to a flash drive, for insurance.
- Track your lost phone and possibly recover it: If you have a high chance of having your phone lost or stolen, it becomes imperative for you to always switch on your Gps and be connected to the internet all of the time. Secondly, Some brandname smart phones like Iphone and samsung has “find my iPhone” and find my phone services that allow you to track and locate your phone remotely.So you have a backup already but you really want to get your lost device back. Well, as the smartphone industry would have it, your phone is built to be trackable, via GPS. The catch is, you have to enable GPS on your phone for it to be tracked. Fret not because, there are plenty of device-tracking apps for Android that can help you locate your lost or stolen device, some can even turn on the GPS on your phone remotely and this can be used on other android phones without builtin tracking services..
- Enable remote wipe of your phone: This is at a point when you cannot possibley recover your phoen or maybe you do not feel like. You can remote wipe all android phones and all apple devices.So you are at the point where you have everything installed and ready to go. But, you still need one last feature – the ability for you to wipe your device remotely. This is necessary, especially when you are sure that your Android is lost (forever). You can make use of 3CX Mobile Device Manager because it is free and easy to use. You can sign up for the account here
- Using Android Mobile security / Anti-virus: Well I do not think android is now so porous as to call for an anti virus software. I have never used one before and my phone has never been compromised. However, if you insist, you can get some on googlplay like: avast, karpersky e.t.c. Android viruses are few and far between, and you’re more likely to find yourself in trouble by clicking on a dodgy link in Gmail or a text message and giving away too much personal information than you are to download a dodgy app. But it is possible. Some people like to install an antivirus app such as Lookout, Avast or AVG Free, but we’re not yet at the point where that is strictly necessary and usually all you need do to avoid Android viruses is to stick to downloading apps only from Google Play
- In addition to locking up individual application on Android, you can also use a secure app for your messaging: Where do your text messages go once they’ve left your phone, and can others snoop on them? That all depends on the service you are using. A secure messaging app often cited is Signal Private Messenger, which allows you to chat freely with your friends without its server being able to access your communication or data. Just keep in mind that any messages on your phone itself will still be visible to those who have physical access to it
Those wanting to secure their Android device will more than likely have spotted the encryption option in Settings > Security > Encryption. This scrambles all the data on the phone – apps, media and more – until you put in the decryption password, which you will need to do every time you turn it on. Encrypting and decrypting your data takes time, and for the majority of people it’s an unnecessary step that will simply slow things down. However, if your device contains extra-secure information, it’s a possibility you might like to consider.
Use secure Wi-Fi
I know this next one may be a bitter pill to swallow for Africans especially Nigerians. Smartphones and tablets are mobile devices, which means we are as likely to use them in a cafe or pub as we are our own homes. Provided free Wi-Fi is available, of course. Just don’t fall into the trap of jumping on to an unsecured wireless network just so you can take advantage of a free internet connection when out and about – whoever is providing that ‘free’ internet connection may be taking a great deal more from you in return
We do not need to Share all information
We’ve often complained that people are sharing too much information on social media, such as publicizing the fact they are going abroad for a week on Facebook and leaving their home vulnerable to burglars (don’t do that), but with Android you may find you’re sharing too much information with yourself.
Android uses the Chrome browser, which you may well also be using on your laptop or desktop PC. The ability to sync your bookmarks, passwords and more through a Google account (which is also tied and automatically logged into your email- and other Google accounts) is an awesome timesaver, but it could become an issue should you lose your phone or tablet or it gets into the wrong hands. All your logins, passwords and sensitive data within your emails will be available to whoever finds your Android device and knows where to look for that stuff.
You can control what data (particularly passwords) is stored by Chrome by launching the browser, tapping on the three-dot icon at the top right of the window, and choosing Settings > Basics > Save passwords. Also open the Settings menu in Chrome, tap on your account, then choose what data is synched.
Becareful of the permissions you grant your downloaded app
A benefit of downloading apps only from Google Play is that it will tell you which permissions an app requires before you install it. There is often a good reason for apps needing access to seemingly unrelated facilities on your phone, such as games that want to view your contacts (to allow you to compete against your friends) and messaging apps that want to access your camera (to allow you to send picture- and video messages). However, if you can think of no reason for an app needing a particular permission, don’t install it.
New in Android Marshmallow is the ability to manage app permissions and control what an app can and can’t do on your phone even after you’ve installed it. Should an app need a permission you haven’t granted, it will prompt you for permission before it does its thing. You’ll find App Permissions in Settings > Apps > App Permissions
- [Anti-Hacker 1] How careless are you with your phone handling: Avoid leaving your phone alone in a public place, such as on a restaurant table or on your office desk. If you must leave the phone, keep it locked and hide it somewhere, such as in a drawer, to prevent theft.
- Ant-Hacker 2 Delete Unsolicited: Delete text messages from unknown senders that ask for your information, and avoid clicking links in messages. Some hackers send messages that appear to be from your bank or another trusted source. If you click the link in the message, the hacker can steal your information or install malware on the phone. Don’t download apps via text message; this is a common way for hackers to infect your device.
IPHONE / IPAD / IPOD TOUCH EXCLUSIVES SECURITY TIPS Against Hackers!!!
While Apple’s iOS system is pretty secure, there are ways to make sure that your iPhone is as secure from hackers as it can be
- Another step you can take in the war against hackers attacking your iPhone is to activate ‘Find my iPhone’. The app was originally optional, but with the introduction of iOS 9 Apple made it a default app that can’t be deleted. But why will activating Find my Friends help protect your device against hackers?
Simply put, if you loose your iPhone then you can log onto Find My iPhone from another iOS device or via the web and remotely wipe your device, taking your personal data with it. This means that even if the hacker did manage to gain access to your lost/stolen device, they’d find nothing. To remotely wipe your iPhone, log in to the Find my iPhone app (or iCloud website), select your iPhone, tap ‘Erase iPhone’ and confirm the action. The next time it has an internet connection (if it doesn’t already) it’ll automatically wipe itself.
- While you can up the passcode to six digits in iOS 9, that may still not be enough to deter hackers.
What can you do instead? Use a passphrase instead. While passcodes only use numbers 0-9, a passphrase includes numbers, letters, symbols and case-sensitivity which should make your iPhone a lot harder to break into – although it may take a little longer to unlock your iPhone when you want to use it. To change from pin to passphrase, open the Settings app and go to General > Touch ID and Passcode > Change Passcode, tap ‘Passcode options’ and select ‘Custom Alphanumeric Code’. You should then be prompted to create a more complex password comprised of not only numbers, but letters, symbols too.
Auto-wipe iPhone content:
The idea is that after ten incorrect passcode guesses, the iPhone will automatically wipe all content and thus make the smartphone useless to the hacker. It’s slightly worrying as we’ve known people to accidentally activate the feature (usually when under the influence of alcohol!) and delete all their personal information.
These are usually the same people that tend not to use automatic iCloud backup, so if you do enable the option we’d advise also turning on automatic iCloud backup so if your data is wiped (due to an accident or someone trying to hack you) you’ll have everything saved in the cloud. To enable the rather nuclear option, simply head to Settings > Touch ID & Passcode, scroll to the bottom of the page and toggle on ‘Erase Data’.
- For whatever reasons, Avoid opening unknown links: if you receive an unknown link via text, email or randomly on the web, don’t click on it. This could potentially pose a threat to your device and even though it may not be able to hack your iPhone directly, some pose as popular email clients like Gmail to gain access to your email account. The pages usually look pretty close to the real thing, so this type of scam is fairly common and it always pays to keep your wits about you.
The general rule is that if you don’t trust the look of the email/message then just don’t bother opening it. The same goes for email attachments too, although there aren’t many (if any at all) cases where hackers have been able to gain access to an iPhone via this method, and this is more of a general tip.
- Revoke app permissions for untrusted Apps:
When you use iOS apps you’ll often be prompted to allow the app to access things like the camera, microphone, contacts, etc to use the app to the fullest extent. Even though allowing access means you can use every feature of the app, the app may also be able to access your private information.
- Turn off Siri: Siri, is a great feature of iOS and provides users with a way of using their smartphone hands-free. However, no matter how helpful Siri may be to users, it can also provide hackers with personal data. Yes, Siri will often ask for some kind of verification before allowing access to contacts, photos and other types of sensitive information. However, there have been multiple occasions where people have found workarounds completely bypassing the iPhone passcode and providing easy access to the device.
To disable access to Siri on the lock screen, simply head to Settings > Touch ID and Passcode and toggle the “allow access when locked” option off.
- Turn off auto-fill and avoid iCloud photo leaks & hacks:
As usual on the web, famous women get the worst treatment – which in this case means the widespread posting of nude photos. And in a lot of cases an iPhone, or an iCloud account, has been involved.
That doesn’t mean that Apple hardware and software services are fundamentally insecure. In fact, we feel confident in saying that the iPhone is the most secure mainstream smartphone on the market right now. But it does show that nobody can be complacent about the security of their most personal data and photos.
There are various ways to ensure that your intimate photos aren’t stolen and posted online by hackers: two-step authentication and an audit of your secure questions are both a good idea.
The same can be said about Apple’s auto-fill feature in Safari. Apple’s Keychain stores website logins, prompting users to save the information after successfully logging into their account. It’s a hugely handy feature as it means we don’t have to remember the login information for the myriad of websites we browse – and the same goes for credit/debit card information. Simply tap a button and Apple will fill out all your credit/debit card information, apart from your security code.
However, if a hacker does manage to gain access to your iPhone, it provides them with access to all your online logins. To disable keychain and auto-fill, simply go to Settings > Safari > AutoFill and toggle off each option……..source: macworld
In the world of today, our mobile devices has become our companion and it can amount to massive inconvenience and frustration to have it lost or stolen. The tips above will surely guarantee you do not lose your sensitive data to the wrong hands. Only if you follow them to the last letter.