In light of recent events regarding Apple versus the FBI, smartphone security has come to the forefront. As average Americans, we carry some of life’s most sensitive information on our smartphones. They contain private messages, emails, financial data, GPS location, and even the location of our friends, family and children. If you’ve kept up with the case, and the points on both sides of the issue, you’ve probably wondered what you can do to keep yourself safe not from the FBI, but from bad actors who could also use these same methods to violate your privacy and safety. In order to help protect you and secure your smartphone, I’ve put together a list of simple steps you can take to help ensure your privacy.
If you haven’t already, you should enable passcode protection on your phone. This is the first line of defense against the simplest of attacks on your phone. As we have learned in the Apple v. FBI case, a simple 4 digit passcode is at least too difficult to crack for the average bad guy, which 10,000 possible codes.
However, I recommend at least the 6 digit passcode which newer iPhones suggest during setup. This adds a much more secure layer to your phone while still being simple enough to unlock on a daily basis. Security is unfortunately one of those things that conflicts with convenience as we will discuss more as we go through these tips. Finding a balance is great when possible, but ultimately to have the best security, you will be inconvenienced at some point.
The best and most secure option, if you don’t mind the inconvenience, is to select a full length passcode. Remember that length is more important than “complexity.” Brute force attacks used to enter a phone via the passcode virtually cannot crack alphanumeric passcodes of any decent length.
Fingerprint readers on phones can help in the convenience factor associated with adding a longer, secure passcode. However, there are a couple of points to be cautious about. First, this technology is relatively new and it isn’t proven yet how secure it is with its integration into devices such as the iPhone. Ways around the fingerprint reader could be devised, but for now it seems to be a viable option. Secondly, in the court system, you cannot be compelled to give up your passcode, as it falls under self-incrimination. Your fingerprint though can be, in the same way hair may be pulled for DNA evidence. To keep your phone 100% private you should disable fingerprint access.
With a warrant, or even the recent NSA mass-collection of data, your phone message can be retrieved from Apple or your carrier. To protect your private communications you should use third party options. For text messaging, Cyber Dust is a fantastic option. Cyber Dust uses end to end encryption to ensure your messages to your friends and family are just that, for you and them. For email communication, Hushmail is an industry leader in end to end encrypted email. At Douglas Media Group, we offer Hushmail as an option to our clients that deal with sensitive information such as financial data, legal matters, or HIPAA compliance.
This is the easiest and perhaps most important part, and that is to ensure your phone is encrypted. Both iPhones and Android devices have this enabled by default. Apple does it with iOS, but on your Android device you can check to see that it is enabled. In order to check the encryption of your Android phone, follow these steps here.
Backing up your phone to the local area is a great idea to save your data. In iTunes for instance, you can store a secure, encrypted back-up of your phone on your computer. What we have learned from the Apple v. FBI case, which is very important though, is that back-ups stored on iCloud, although encrypted, are not ultimately secure and Apple has access to that data. It is my recommendation that in order to once again ensure complete security, you should turn off any cloud back-up services you may presently use. For instructions to turn off iCloud back-up, click here.
Your phone contains some of the most personal and crucial data in your life. Whether it is private conversations with your spouse, or the location of your children, keeping that information secure is essential to the security of everyday Americans. By following the steps above you can take simple precautions to give that information the extra bit of security it needs.