secure phone

Securing your smartphone

Smartphones play a huge role in our life; we use them to conduct our day to day lives whether it is shopping, learning, dating, healthcare, entertainment, or work and older versions of phones are more prone to security weaknesses. We use these devices more now than ever and the security of our smartphones is critical to staying safe from harm.

In this document, we will cover how to secure the two most popular phone types on the market.

Securing Android

  1. Lock you phone, seems simple but there are people still not doing it. Your data is more likely to be compromised due to a stolen or lost phone then from Malware. While biometric security (face, iris scanning, voice, fingerprints) seems more secure, the good old fashion pin code or password is still the best security measure you have.
    a. Here is a how-to video on setting up a pin code for your phone
  2. Use two-factor authentication (2-Step Verification) Two-factor authentication is a way of verifying your identity in addition to your account password.
    a. This helpful how-to guide from Google shows you the steps to take to set up Two-factor authentication
  3. Use Play Protect, it’s free and it works.
    a. This should be on by default on most newer Android phones
    b. Check out the robust security features it provides
  4. Only use approved apps from the Google Play Store
  5. Install find my device
    a. The Find My Device app helps you to locate your phone if it gets lost or stolen, it will also help you to delete your data if you need to remotely wipe the device
  6. Update phone with security patches monthly
    a. Each month Google release security patches set a schedule to update your phone as soon as the install is available, it only takes a few minutes and could be the difference between being safe or unsafe.
  7. Use encryption, having encryption enabled helps protect your data
    a. This how to guide will show you the steps to turning on encryption
  8. Check App permissions, this helps us to stay secure, for example my calculator app does not need camera and microphone permissions.
    a. Follow these steps to check you App’s permissions
  9. Uninstall apps you no longer use.
  10. Turn off connections when you don’t need them
    a. Turning off Bluetooth and Wi-Fi when not in use reduces your risk to attack.

Securing iPhone

  1. Keep your iPhone up to date, it is the #1 thing you can do to limit your risk.
    a. To Update open settings app and tap General > Software Update.
    b. Verify you are running the latest version of iOS.
    c. Enable automatic iOS updates.
  2. Choose a passcode longer than 6 digits, ideally use an Alphanumeric code.
    a. How to set a new passcode for iOS.
       i. Open Settings
       ii. Tap Touch ID & Passcode (or face ID & Passcode if you have an X-series)
      iii. Enter your current Passcode
      iv. Tap Passcode Options
      v. Choose either Custom Numeric Code or Custom Alphanumeric Code
      vi. Enter your new code and verify it
  3. Use two-factor authentication (2-Step Verification), Two-factor authentication is a way of verifying your identity in addition to your account password.
    a. Go to Settings > tap your name > Passwords & Security then tap “Turn on Two-Factor
    Authentication and follow the prompts.
  4. Check App permissions, this helps us to stay secure, for example my calculator app does not need camera and microphone permissions.
    a. Go to Settings > Privacy and then select the permission you would like to revoke by toggling the application to off.
  5. Disable Siri on the lock screen, this will prevent Siri from being accessed when you don’t want it to be.
    a. Go to Settings > Touch ID & Passcode (or Face ID & Passcode) and toggle the “allow access when locked” option to off.
  6. Turn off connections when you don’t need them.
    a. Turning off Bluetooth and Wi-Fi when not in use reduces your risk to attack.
  7. Activate Find My iPhone
    a. Go to Settings > Username > iCloud. Scroll to the bottom and tap Find My iPhone toggle
    to turn on and send last location, you may be prompted to sign in with your Apple ID
  8. Set up Auto lock, this will require a passcode every time the phone is picked up (most secure option)
    a. Go to Settings > General button > Auto-Lock
  9. Change your reused passwords, iOS 12 and above have a feature for auditing reused passwords; having unique passwords is a critical step is staying secure.
    a. Go to Settings > Passwords & Accounts> Website & App Passwords
      i. You will see a small warning symbol next to each account that has a reused password. Tap on the “Change Password on Website” button