Nowadays, most of us have a lot of personal information stored on our phones.
Whether you use online banking, have your Amazon account linked to your debit card, or even just keep personal information like account details, addresses or private contact numbers stored in your emails, your phone is likely filled with sensitive data.
Here are our best tips to keep yourself safe and secure while online.
1. Use strong lock screen security
You wouldn’t leave your house without locking the door. So don’t leave your phone without locking the screen. Modern smartphones offer several different unlocking options and not all of them are equal when it comes to security.
A pattern may be easier to remember, but it’s also easier for others to watch and remember or replicate from the fingermarks on your screen. Here’s the order of most secure to least secure methods of locking your phone:
Fingerprint
Password
PIN
Face unlock
Pattern
If you want to keep your smartphone secure, consider using a password rather than a simple PIN. While it may take longer to type out each time, the number of possible combinations makes it the more secure option. Longer passwords and those that include both letters and numbers will help keep your phone and your personal information safe and secure.
And it should go without saying, but don’t set your password to ‘password’.
2. Lock your apps
Once you’ve set up your screen lock, you can go one step further and add an extra layer of security by locking specific apps. This is easier to do on Android devices since you can install dedicated apps, such as App Lock, which lets you add a separate PIN, password or even fingerprint lock to selected apps.
Some apps, such as online banking, shopping, or email accounts, automatically require a second level of security to gain access. However, you might still want to prevent unwanted access to other apps if you so wish.
Currently, iPhone options are more limited. iOS allows you to limit screen time or access to some first-party apps.
3. Log out of apps and services
If you’re unable to lock your apps, the next best thing is to log out of apps and services that contain personal information.
While staying logged in makes life much easier, especially if you use them on a daily basis, it also makes it much easier for someone who gets hold of your phone to access all your information with just a few taps.
Prioritise shopping apps or any other app with your bank details saved. This might also help you limit your impulse online shopping.
4. Use a password manager
Once you have your passwords set for various apps and websites, the best way to keep track of them and to keep them safe is with a password manager app.
They let you set unique passwords for each app and website, using longer words and numbers, without worrying about remembering every single one of them. This is much more secure than using the same memorable password for every account you have.
Password managers like LastPass also make it easier to log back into apps and websites. This means you can keep them even more secure by logging out each time without having to worry about remembering passwords every time you want to browse on Amazon.
5. Beware of spam emails and phishing emails
Spam emails have become such a part of our everyday lives that it can sometimes feel like there’s more junk in your inbox than actual emails. Phishing emails and scams are looking to get you to give away personal information by convincing you that they are from official companies or organisations.
No matter who emails you, never click on a link within an email that prompts you to fill in your personal details or reset your password. There’s a high probability that this link will take you to a fake site where it will record your details and use them to access your online accounts.
If you get an email from your bank, from the government, or from a shopping platform like Amazon stating unusual activity on your account, still do not click on the link provided. Instead, exit your emails and access your online account directly to check if there are any direct messages or more information within your account.
6. Use an antivirus app
Using an antivirus app can help protect your smartphone from malicious software which could be used to access your personal information. Even though smartphones are less vulnerable than computers and laptops, there is still some risk. And considering the amount of things we use our smartphones for, even a small risk is potentially serious.
Well-known antivirus programs like McAfee, Avast and Panda have smartphone app versions which provide enhanced security by making sure that downloaded files, apps, PDFs, and images, aren’t infected with malware before you open them.
7. Don't use unofficial app stores or “jailbreak” your phone
Jailbreaking is the act of removing all the built-in restrictions on your smartphone’s operating system so you can install unofficial apps, themes, programs, and extensions on your device. People sometimes do it to customise their phones, improve battery life, or download and use apps that aren’t available in the official app stores. However, jailbreaking your phone can leave it significantly exposed to hackers.
If you jailbreak your phone and it malfunctions, don’t expect any sympathy from Apple. It will also void your warranty, and you won’t be able to get it repaired or replaced.
8. Download extra security software and/or a VPN
While most smartphones come with some security services like Android Device Manager and Find My iPhone, downloading additional security software is never a bad idea.
Apps such as ‘Prey Anti Theft’ won’t prevent your device from being stolen, but they could help you get it back. These security apps enable you to remotely take pictures with your smartphone camera, or sound an alarm which will go off even if the phone is set to silent.
It’s also a good idea to download and install a VPN (Virtual Private Network) on your phone. A VPN will allow you to make a secure connection through a private network when using the internet. This keeps your data safe and anonymous by assigning you a temporary IP address when you access websites. Essentially, they can add an extra layer of protection between you and hackers.
9. Avoid public networks and public charging points
Public Wi-Fi in places like cafes, airports and shopping malls is a convenient way to get online while you're on the move. However, these public Wi-Fi networks are, as the name suggests, public, meaning it’s much easier for others to access your information. (If you can’t avoid using public networks, then make sure you have a VPN installed to add a layer of extra security.)
The same is true for charging your phone at public charging points in airports, stations, conference centres, and other busy locations. When you connect your device to a charging point via USB, the connection is also able to transmit data. This type of hacking is known as "juice jacking", when your phone is vulnerable to a security breach.
So instead of using an open USB charging point, remember to bring your charger with you so you can plug your phone directly into a power socket to charge.
10. Update your phone's software regularly
The constant stream of updates on your phone can be a bit frustrating, but smartphone software updates aren’t just for cosmetic reasons. Many of these updates and bug fixes contain improvements to your device’s security, helping you guard against data breaches, intrusions, and reduce your vulnerability to hackers.
The longer you go without updating your phone, the longer you’re exposing your data to risk from malware malfunction. So when there’s a new operating system update announced, be sure to install it straight away.
11. Use two-factor authentication
You’ll start seeing two-factor authentication being incorporated into more and more sites that hold sensitive data. The extra step can seem a bit tedious, but double-checking your identity is legitimate before allowing access to a specific account makes it significantly more secure.
You’ve probably used two-factor authentication to access banking websites, government websites or sites that confirm your identity. The most common form of two-factor authentication is when you’re sent a time-sensitive code via text message. You’ll need to enter that code before you can access the designated account.
It can be frustrating to have to take an extra step, but it makes your more sensitive information harder for unauthorised users to access.
12. Don’t store personal information on your phone
Your phone may seem like an ideal place to store notes, passwords, logins, and other personal information since you almost always have it to hand, but this can be very dangerous if your phone is ever stolen or hacked.
Make a habit of clearing sensitive information from your phone, including the following:
Notes with personal information
Private documents
Confidential emails from financial, employer, and health-related accounts.
Screenshots of logins, passwords or personal information
Photos of private documents (e.g. photos of your passport or travel documents)
Geotagged photos