This is the 3rd article in HH’s Cybersecurity Series
Safeguarding yourself and your family against cyber threats requires attention to many specific areas. In past articles, we’ve talked about email and password security, but equally critical is securing the devices you use to access the World Wide Web.
It used to be the case that we’d all hop on our PCs and Macs to access the web, but increasingly, smartphones and tablets are our typical go-to device. The iPhone recently celebrated its 10th anniversary. It’s difficult to summarize the impact that the arrival of the smartphone has had on how we connect with one another, and how we conduct business and arrange our personal affairs.
Today, most people are highly dependent on their phone, be it an iPhone or the large variety of Android devices that exist. We increasingly use our iPhones or iPads to access our investments, bank accounts, and email. That’s why we’re focusing this blog post on smart devices. Here at HH, we want to make sure that you’re taking the correct precautions to secure them—they’re potential treasure troves of important data if stolen by someone with ill intentions.
Passwords, locked screens—and heightened security with dual factor options
Your first step should be to secure your smartphone/tablet with a password. Your devices should be set to move to a locked screen should they be idle after a short interval of time. Believe it or not, some people still don’t implement this simple security feature. If your phone is sitting on the table at a crowded restaurant or in your shopping cart at a store, it only takes a moment while your back is turned for someone to walk off with it.
If criminals can lift you phone while it is unlocked, they have immediate access to your emails and any applications installed that may contain banking or investment info. A smart criminal will also copy your entire Contact roster and notes from your phone as well. Your best line of defense is to utilize your smartphone’s integrated fingerprint sensor paired with a strong passcode as a backup if the fingerprint sensor is unresponsive. Enabling this simple feature instantly makes your mobile devices much more secure from outsiders.
If your smart devices are older and don’t support biometric authentication (fingerprints and now facial recognition), it could be time to invest in a newer phone or tablet. We’ve already talked about two-factor authentication, both in prior blogs as well as directly with you, our clients. It is worth reiterating here. If your smart devices are manufactured by Apple or run Google’s Android operating system, you will be required to set up an Apple ID or Google account to register your device. Both Apple and Google offer two-factor options, which can further enhance the security of your devices. We strongly recommend setting this up as well.
Both Apple and Google store user data from your devices in the cloud (iCloud and Google Drive), so failing to secure these accounts with additional protection means a cybercriminal may still be able to access these accounts in the cloud if not through your smartphone or tablet directly. This would include any documents stored in the cloud, as well as notes and your contact records. Apple has already suffered several high-profile hacks of its iCloud service, which resulted in personal photos from users’ iPhones being leaked on the web. In short, it can’t hurt to assume that your trusted carrier is not impregnable.
Are you sure of that app?
As with computers, you should be cautious when downloading applications to your smartphone or tablet. Many applications will ask for permission to access personal data on your device when downloaded, such as location data, contact data, and photos. Don’t assume that you are required to grant permission to these private sections of your device just because the application asks for it. If you’re not sure, you can always block access to see if this denial impairs critical application functionality.
Websites and public Wi-Fi: Browsers beware
Likewise, caution is always advised when browsing the web. It’s best to avoid websites that are questionable—malicious websites may create pop-ups in your phone’s browser window that attempt to copy sensitive data from your phone or re-direct you to a webpage that attempts to install malware on your device.
Finally, Wi-Fi security should always be on your radar. It might have been rare even a decade ago, but today it’s very commonplace to visit public places that offer Wi-Fi as a benefit for those using laptops, smartphones, and tablets. Free Wi-Fi is what we’re concerned with here—it has little or no security in most cases and makes it easier for cyber criminals to use simple eavesdropping tools to spy on internet traffic. This is typical in coffee shops like Starbucks and other small businesses, malls, libraries, airports … public Wi-Fi is getting more and more ubiquitous.
If your smartphone or tablet detects an open Wi-Fi network to connect to, and no passcode is required, you should avoid using it. Connecting to an unsecured wireless hotspot could allow a hacker to monitor your web traffic or install a spyware virus that might record the user names and passwords you enter. A great alternative, particularly if you are frequently on the road, is to subscribe to a VPN (Virtual Private Network) service. Once you enable the VPN connection on your smartphone or tablet, your traffic will be secured against prying eyes—even if you’re connected to an unsecured wireless network.
VPNs for individual users typically cost less than $5.00 per month. Here’s a link to a review of some of the major VPN providers: The Best VPN Services of 2018.
Questions about cybersecurity best practices? Ask us.
These tips should be a good starting point for you to review what you’ve already put in place to make your personal devices less vulnerable to hackers and other criminals—as well as further fortifications you can take to enhance your security. Clearly, this is not an exhaustive list. Your Halbert Hargrove service team would be happy to answer questions, provide more information, and talk through any security concerns you may have. Please let us know how we can help.
