Smartphones should be secured from any hijacking attempts online and offline. Losing a phone might mean identity theft, losing your social media accounts, having your contacts and phone numbers compromised, loss of documents, emails, photos and messages. My phone is connected to most services that I use so this is crucial.
If you are like me, you’d be logged in to all of your services on the phone when the phone is up and running. If a thief gets your phone in their hands they would be able to connect to your digital life and steal* any data that is on there. You should prevent saving your passwords with good password hygiene.
Android has built-in security to prevent any wrongdoings. For example, you can encrypt your phone so that even if someone can’t guess your password, they can’t read the raw data by plugging in your SD card and browsing through the files or by using rooted methods or developer tools to access your file system.
You should always have a pin, password or pattern set up in order to at least provide basic security. In the case that it gets annoying, you can ease it down by increasing your automatic lock time or enabling smart lock. I have smart lock enabled for my home address and other trusted locations so if I’m in these areas my phone will stay unlocked.
In terms of apps for your phone, you should look at the app permissions that an untrusted app requires before you begin installing it. When you start installing an application the permissions that it requires will show up. Take a look and see if it makes sense, your flashlight app doesn’t need to read your text messages. It’s a good habit to look at the comments and look at the rating before you rush to download something. You can also use something like AppLock that can lock down specific apps that are very important to you and may contain data that needs to be extra secure.
It’s a good idea to protect your internet access when you’re connected to an untrusted WiFi like those that can be found in a train station or a coffee shop. It’s absurdly easy to sniff out your data or your session using public and free tools like Wireshark, FaceNiff or Firesheep.
If your device gets stolen, you can use Google’s Android Device Manager to ring your phone, lock down the data with a message or even completely erase all data. You then get a GPS location and the time your phone was last online. You should give it a try now and see if it works correctly.
And finally, don’t leave your phone unattended.
This is the first of a three-part series on personal digital security. The next article is about good password hygiene
Originally published at illyism.com on August 11, 2015.
