Smartphones

Smartphones have been around for two decades, and, in the old days, used WAP (Wireless Application Protocol) or GPRS (General Packet Radio Service) which mainly let you browse the net on a small browser in black & white. Things have moved on, and now we have 3G, 4G, 5G, and, of course, Wi-Fi. Today a smartphone is really a portable laptop with potentially even more sensitive data like contacts or photos. Infections on smartphones occur less than on laptops, but such attacks cannot be ruled out.

Separate business and personal
It’s a good idea to have one smartphone for personal use and one for business use. Then, if one is stolen, the impact is only 50%. With software, MDM data is segregated and typically encrypted.

Secure your Google or iCloud account
These accounts not only store lots of data in the cloud but can locate your phone or wipe it remotely. Just look into the hack of Jennifer Lawrence’s iCloud account in 2018. Firstly, choose a non-obvious email address, pick a strong password, and use 2FA, ideally hardware based like a security key. If you use Apple, consider the Advanced Data Protection feature, which is included.

Use antimalware
Android malware, mainly in the form of malicious apps, does exist, so having 3rd party antimalware is a good idea. For iOS, it is pretty much impossible to get a product which acts as antimalware, and iOS is typically more secure than Android. Products for both operating systems usually do tracking, VPN, web, and SMS filtering as well.

Enable password protection
All of today's mobile phones can be protected by a password/pin/face/fingerprint. Enable this to stop someone from logging into your phone if it's lost or stolen. The pin is normally a four-digit PIN, but you can go higher than the default of four.

Enable auto data wipe
By enabling auto data wipe, anyone who enters the wrong pin more than five or ten times will trigger the device to 'self-destruct', which will remove any personal data and reset the storage.

Change your voicemail pin
The News of The World phone 'hacking' scandal revolved around the default voicemail pin. To stop someone guessing your voicemail pin, change it, but not to something as obvious as a date of birth or 0000.

Be wary of apps
Apple does vet apps very well, and the Play Store less, so do some research, and check the creation date and reviews before installing an app. Antimalware can scan new apps for you, but it is best to not install dodgy apps in the first place. Download from the official store only, not APK files from random sources.

Turn off Bluetooth, NFC and Wi-Fi
Whilst not in use, i.e. you leave your car or home, turn both off to save battery and reduce the attack surface. If you rarely make payments, disable NFC.

Review data sharing
Apple, by default, is not bad, but Google is poor, so review all data sharing settings and reduce those you share with Google. Likewise, disable cloud storage, map history, and your YouTube browsing history. Disable ad personalisation as well.

Enable tracking
Android and iOS do this out of the box, though you need to leave location services on. This is useful if your phone is lost or stolen. As well as tracking, you can request a remote wipe.

Be wary of public Wi-Fi
As mentioned before, most public Wi-Fi hotpots transmit data without encryption. Try to avoid public Wi-Fi hotspots, or if you need to use them, use a VPN. Even with a VPN there are issues.

Update your apps
Like a computer, mobile devices have apps (similar to computer software) that should be updated to patch security and stability problems.

Update the main operating system
Just like a laptop or desktop, the core operating system is updated a few times a year. Check updates from time to time or enable automatic updates.

Use a SIM lock
Your SIM card can be used to reset passwords or turn off 2FA, so enable a SIM lock to stop people stealing your locked phone and taking out the SIM for use on another smartphone.

Encrypt MicroSDs
This does not apply for iOS, but it does for Android, and MicroSDs by default are not encrypted, so change the settings to encrypt them to be paired with your smartphone.

Turn off geotagging
When you take a photo on your phone, many elements are “burned” into the photo, including longitude & latitude. Disable the permission for EXIF location to be saved with pictures. Just look at what happened to John McAfee in 2012 (Guatemala).

Be careful with the preview screen
A locked phone can display notifications whilst locked, and depending on the setting, it can show the phone number, subject and contents. Ensure previews on the lock screen give away little information.

Backup data
If you lose a phone and have no sync or backup service, you could lose your contacts, photos, calendar, notes and more. Use a 3rd party or native service to sync these.

Auto lockout times
Imagine you unlocked a phone and it was snatched seconds later, the thief can view your contents. Set a short auto lock so you need to reauthenticate often.

Privacy screen
These were firstly invented for laptops to stop prying eyes whilst on a plane or train. For £5-10, you can get one for your phone as well.

Review app permissions
We all remember the flashlight app from years back, which needed a bunch of permissions to work. Yes, it gave you light, but it mined your data as well. Go through each permission, i.e. contacts, calendar, location, Bluetooth, etc. and reduce which apps can use such permissions.

Use flight mode if you are worried
If you are in a risky location and think people may mess with your cellular connection, Wi-Fi or Bluetooth, enable flight mode temporarily.

Do not root or jailbreak your phone
Jailbreaking for iOS and rooting for Android allows you an “under the hood” look but increases security risks greatly. Do not do it, as it often voids warranties as well.