How do you protect your phone and your data?
by Matt Palmer - Divisional head of information security at a global bank - Wednesday, 30 January 2013.
Given the risks we run in not securing our phones, youíd be forgiven for thinking it must be a task requiring a doctorate in computer science. In reality, however, securing a smart phone can take only a few simple steps.

Itís not hard to render your phone and its data of little value to a criminal, and by doing so, protect your data and identity, and increase your chances of getting your phone back as well.

How do you protect your phone and your data?

1. Donít leave your phone unattended on the counter or table whilst paying for shopping or enjoying a meal out.

2. Always use a PIN to lock your phone and your SIM card. Locking the phone prevents someone from using the handset without resetting it (which normally wipes your data). Locking the SIM stops someone from removing your card and using it in another phone.

3.Use a different PIN to your bank accounts. A six-digit PIN is much more secure than a four-digit PIN, as long as itís not your date of birth!

4. Keep your software up to date. Smart phones have an operating system just like a computer; and from time to time, security issues are identified. Some networks delay software upgrades but security updates should be available immediately. Install them right away.

5. Back up your data to the cloud or your home PC. The best way to do this is using software like iTunes that can do this automatically, but you still need to check on a regular basis.

6. Only install the apps you really need. Not all app stores check the applications they contain, and itís easy for apps to extract your personal data. Check the authenticity of applications and what data they will access, and only install applications from developers you trust.

7. Only let apps access data they really need. Many smart phones allow you to set whether applications such as Facebook or Twitter can access your photos or contacts or track your location. If you donít need it, turn it off.

8. Use different passwords for different websites so that a hacker who gets one password canít take over your life. This is particularly important for online and mobile banking. Consider also using device specific passwords for email. Many services like Google Mail allow you to set a separate password for your phone, so even if your phone is compromised, your main password isnít.

9. Store passwords securely. Most people now have 50 or more passwords for websites, applications, phones and computers. If you need to write these down, never add them to your contacts, store them in a web browser or on your phone. As convenient as it is, just think of how quickly a thief could wreak damage with this information. Instead, use an application such as lastpass or keepass to store them securely on your phone and PC.

10. Track it. Most major smartphone platforms, including Appleís iOS and Googleís Android, offer tracking apps that can track your phone, lock it and wipe the data remotely. This may not recover the phone, but it will stop someone else from using it and gaining access to your personal data.

Taking these simple steps wonít prevent you from leaving your phone in the shopping centre. It wonít make your phone look any less attractive to a thief. What it will do is make it much less valuable, even rendering it almost worthless. It will also mean that even without the phone, your memories and records will be safely in your possession. If youíre lucky, it might even mean you will get it back.


What's the real cost of a security breach?

The majority of business decision makers admit that their organisation will suffer an information security breach and that the cost of recovery could start from around $1 million.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 11th