If you’re like most people, you rely on your smartphone for work, play and managing your personal life. But what if you lose access to your smartphone and all the apps, accounts and data you keep on it?
Jace Chen, country manager for South Africa at realme, looks at why and how young professionals should keep their smartphones secure.
These days, it’s difficult to bank, shop, work, stay in touch with friends and family without your trusty smartphone. If it gets lost, stolen, compromised by hackers or riddled with malware, you could be locked out of vital services and apps, such as online banking or email for hours or even days.
You’ll also face the costs and inconvenience of getting a new device or resetting your passwords for every account. In the worst case scenario, a scammer or thief might use your data to steal your identity or get into your banking accounts. But all of this stress can be avoided with a few simple steps:
Protect the lockscreen: Despite the hype about malware and hackers, your single biggest security risk is theft or loss of your phone. Use facial ID, a fingerprint, a pattern, or a PIN to ensure that someone who picks your phone up can’t get into your data and apps.
Set up the find my phone and remote wipe features: Modern devices such as Android smartphones allow you to locate and wipe them remotely as soon as they connect to a network. This enables you to recover your phone if you’ve lost it and to remove your data and login details if you can’t get it back.
Stick to the official app store: While it can be tempting to ‘sideload’ apps, it’s usually safer to stick to an official app store like Google Play or the one offered by your smartphone manufacturer. Apps on these stores are carefully vetted for malware and other privacy issues. Apps from non-official stores are more likely to contain malicious code.
From a security perspective, all Android apps are carefully tested before they appear on Google Play, which has a built-in Google Play Protect that checks your apps and devices for harmful behaviour and runs safety checks on apps from the Google Play Store before you download them.
Limit app permissions: Many apps will ask for permission to access things like your files, camera, location, contacts and more. Look at the permissions for each app and ensure they only have access to the permissions they need to function. A match-two game, for example, should not need to know your location.
Get rid of apps you don’t use: If you downloaded an app, used it once a few months ago, then never looked at it again, consider deleting it. Every unneeded app on your smartphone is another app that might be sharing data with its developer or which needs to be updated to avoid security issues.
Keep your software up to date: New versions of operating systems like Android and updates for your apps frequently include security patches. Staying up to date with the latest version of the software you use will minimise your exposure to security vulnerabilities.
Separate your work and personal data: If your employer has a bring your own device (BYOD) policy, you may want to separate your work and personal data and apps. Talk to your IT department about setting up an Android Work Profile, for example. This lets your company manage work apps and data while your personal stuff remains private.
Use strong passwords and MFA: To keep data on sensitive accounts like your Google account, online banking profile and social media accounts safe, secure them with strong passwords that can’t be easily guessed. Think about enabling multi-factor authentication (MFA)for important apps or transactions. With MFA, you use a one-time password or PIN emailed or texted to them when you want to log into an account, change details or make a payment. Or you could use an app like Google Authenticator to generate a code.
Be security conscious: Social engineering scams, like a fake text message urging you to pay SARS or someone pretending to be phoning from your bank, are among the biggest threats. No credible business or government agency will ask for your passwords, PINs, or OTPs via text message or a phone call. If anyone asks for this information, it’s almost certainly a scam. If you receive a suspicious message or call, don’t respond immediately. Instead, contact the business directly using official channels (like their website or customer service number) to confirm if the request is legitimate.
