You have antivirus software and a firewall on your PC, right? But what about your smartphone?
These days most of us use our phones for everything, including highly confidential stuff we would prefer to keep private. But many people still are not aware of the need to keep their smartphone secure, or how to do it.
PwC’s cybersecurity team has come up with some easy tips to keep you safe when you use your smartphone in cyberspace. You will be aware of some of them, but some are less obvious, and it is worth checking all of them out if you want to stay secure. The resources are easily available, and all it takes to protect your privacy is a little extra awareness and a few minutes of your time.
The main areas to keep an eye on are apps, wifi connections, authentication, and data and updates.
- Be careful about what you install.
- Disable apps from untrustworthy sources.
- Do not root or jailbreak, especially if you do not know what you are doing.
- Always use the legitimate app stores run by Google, Apple, Windows, etc. Disallow any apps downloaded and installed from other sources.
- Remember that you do not have to agree to all the access permissions an app is asking for. If the app gives you the option, only agree to those that make sense and you feel comfortable with.
- Do not download an app that asks for permissions and does not give you the option of disagreeing. Even if it looks legitimate and has high ratings, the app could be malware called CopyCat that could get you in a lot of trouble.
- Get rid of any apps you do not use any more − or at least keep them updated. Apps that are not up to date could have security breaches and be used as an access point to your phone.
- Do not connect to a public wifi network unless you have reliable antivirus software on your phone.
- It is safer to use a virtual private network (VPN) app. This gives you a secure connection that is less vulnerable to hackers listening in on an unsecured network. You will find VPN apps on your app store for free or for only a few francs a month.
- Do not make financial transactions (e-banking, payments, etc.) over an unsecured public wifi network without special protection (for example VPN). It is very risky.
- Turn the wifi connection OFF when you have finished using the wifi network.
- Use authentication and strong passwords. Instead of passwords, consider using passphrases such as ‘iAmFromUetliberg!’
- Use two-factor authentication wherever possible.
- Avoid reusing the same passwords for different websites.
- Change your passwords regularly.
- Consider using a password management tool such as LastPass, Keeper or Dashlane to help you remember your passwords. This option requires an extra security step to log in to your account. Use your password management tool whenever possible, especially for Facebook and email.
Data and updates:
- do not store sensitive files on your phone.
- Activate the ‘lost phone’/’find phone’ Both Apple and Google offer a ‘find my device’ function.
- Keep an eye on suspicious activities in the background. You can install apps like LogDog that alert you to suspicious activity such as logins from unfamiliar places. This allows you to step in and change your credentials before serious harm can be done.
- Always keep your phone operating system updated. The new updates are actually security patches that could protect your phone from breaches.
If you are aware of the potential risks, it only takes a few minutes of your time to make your smartphone much safer to use.
If you have further questions about keeping mobile devices secure (privately or in an organisational context) or any other issues related to cybersecurity, check out PwC’s Cybersecurity website or contact Reto Häni direct.
Cyber Security Partner and Leader
PwC Digital Services
+41 79 345 01 24