How to protect your smartphone data from being stolen

One of the biggest threats to our smartphone privacy isn’t Carrier IQ or any kind of malware but ourselves.  We store countless pieces of personal and corporate data on our phones which, if lost or stolen, could be accessed and used by anyone.

So how do you protect your smartphone’s data and your privacy?  Threatscape’s MD, Dermot Williams, took us through how you can keep your data secure even if you lose your phone.

Read more security advice from Dermot Williams here.

The Technology
The most basic form of phone protection is your PIN but many of us undermine our own security by choosing unsecure PINs.  Many phones won’t allow you to use basic PINs like 0000 or 1234 but if you phone does, or if you are using these numbers, then you should change them.  If you’re not using a PIN then your data is open to the world.

Bluetooth and WiFi
The same goes for Bluetooth, be sure to use a unique Bluetooth PIN and when not connected to an external device to turn your Bluetooth connection off, even if just to save your battery.

For WiFi connections make sure you use encryption where possible.  Only this year Google had to plug an Android WiFi security hole which would have allowed people to snoop on other’s WiFi data.  Apple and Android apps like Lookout can give you more information and protection when connecting to unsecured WiFi channels.

One of the first things you should do when you turn on your new phone (after setting a secure PIN) is to download a mobile tracking app.  Again, Lookout is a good option for both iPhone and Android.  We’ve covered Lookout Mobile Security before but we haven’t gone into too much detail about the app’s tracking system.  With Lookout you have the ability to locate your phone using the app’s site and using the same site you can lock and even wipe your phone.

Apps
Only download apps from trusted sources, if you are an iPhone user chances are you will feel more protected than Android or Windows Phone 7 users but don’t be complacent.  All three companies have the ability to remotely delete apps after they have been installed on your smartphone, suggesting that they fear malware could get through their app markets’ vetting systems.  They can do this for a number of reasons but user and data security are the main ones.  Thankfully, so far Google is reportedly the only manufacturer to have used their “kill-switch” and they have not had to use it often.

If your iPhone, Android, or WP7 have been jailbroken be extra careful with the apps you install.  You should ask yourself if jailbreaking your phone is worth the increased security risks.

You
There are a number of apps on your smartphone that you probably can’t live without; personal/work email, Twitter, Facebook would be the main ones but these are also the apps which would give would-be thieves access to accounts you’d rather keep private.  To be absolutely sure that your data is not at risk on your phone Williams recommends you log out of each account when finished.  Leaving your phone logged into your social media, and personal email accounts is a risk to your privacy; leaving your phone logged into your work email is another story entirely.

Remotely log out of your social media apps
Remember that if your phone is taken and it is logged into your social and email accounts there are a few things that you can do.

• Twitter: On Twitter you can revoke apps’ access to your account from the website’s Applications’ page.
• Facebook:  Ending “Active Sessions” for your smartphone should prevent it from accessing your account.  If that doesn’t work try changing your password.
• Google/Gmail: For Gmail and Google+ try changing your account’s password.  For extra security enable two step verification.

Loose lips
Be careful what you say when you are logged into your personal accounts with your smartphone.  Even SMS messages can contain personal information that you might not want others to see. Consider downloaded a trustworthy app that backups your text messages to your email account.  This way you can be sure you always have a copy of them and you can delete ones with personal information from your phone directly.

Remember to back up your phone on a regular basis; at least this way if it is lost or stolen you don’t have to worry about losing your data.  If your phone is stolen make sure you know where its IMEI number is (it’s usually on the phone’s box) so when you report it stolen to your service provider they can prevent it from making calls.

When your phone comes to the end of its life be certain that you have completely wiped all data from it before you recycle it.

Recovered your phone?
If you recover your phone Williams recommends you check its security settings to ensure nothing was changed.  Also check your apps to be sure nothing new apps were installed.

And with this you should be more secured with your phone.