Are app companies asking for too much access to files on your phone?
Could your smart phone potentially be a data leak?
When thinking about online privacy and security many people don’t consider that one item they have with them every single day… and frankly, use hundreds of times per day… their cell phone.
We have become increasingly dependent on our mobile devices for much more than making calls… as a matter of fact, some people almost never make a single call on their phone…
Let’s face it, these days we use our phones to communicate with our friends and loved ones via text, instant messenger or any other host of available apps… we read the news on our phones… we use them to play games… we use them to track our exercise and sleep… we use them to do our banking… and let’s not forget we even use our phones to find romantic partners.
Did we forget anything?
Of course we did… you can use them for almost anything today…
For those of us of a ‘certain’ age… we remember our middle & high school math teachers making us work out your math homework on a piece of paper because “you’re not always going to have a calculator with you.”
If they only knew…
Before we dive into this often overlooked, but extremely important piece of equipment that affects our daily lives, it may be a good idea to read all of the previous information in our online privacy/security series.
If you haven’t already seen all of this extremely important information, here’s what you’ve missed…
Your Phone’s Security Weaknesses
As we mentioned, until recently you may have put very little thought into the security of your mobile device. Because of that, the sky is the limit as to what personal data you may inadvertently be sharing every time you download another free game or app-based tool.
This laissez-faire attitude towards mobile security is increasing the chances that your personal data… and for those who use their phones for work, your corporate data, are likely to be breached.
How is this happening?
That’s a very interesting question and one which is certainly multifaceted. But suffice it to say that the most likely cause for data breaches on your mobile device is probably not the Operating System (O/S) or even a virus or malware.
The most likely culprits are the apps that you download on your phone.
On its face, that may seem completely counter-intuitive… after all, we usually download these apps from places like Google & Apple… you can trust them… right?
Well… whether or not we can trust companies like Google and Apple is a bit beyond the scope of this article, but realize that these devices are ALWAYS collecting data and listening. Want just a taste about the information they collect… read this.
Permissions, Permissions, Permissions
If you’ve ever downloaded an app on your phone, you get the pop-up that says, “this device needs access to …” then you see a whole list of your mobile devices files and functions… many times, these permission don’t even make sense for the app you’re downloading… like, permission to your contacts for a flashlight app.
Now don’t misunderstand, the way apps are designed today, they need access to certain device data in order to function properly, but sometimes all these apps are doing is collecting more data about YOU!
Because of this, it is a good idea to look for apps that have limited permissions necessary to function. Also, many apps will allow you to adjust permissions… but what they don’t tell you is when an app update is loaded to your phone, it will often reset permissions to default settings… and, just like that, you have lost control of your privacy.
Make it a habit to check your app permissions on at least a monthly basis. This will help to limit these permission heavy apps from having unneeded and unwanted access to your device.
Oftentimes you can find apps which are less permission intensive that provide the same function. It would benefit you to search those out, just be sure they are not from third party sites.
Other Security Vulnerabilities
While the most likely means for your mobile device to be compromised is via the apps downloaded to it, that is certainly not the only way to put you phone at risk.
One of the other most common opportunities for security breaches to your device stems from user error.
Right now you’re probably saying… what do you mean user error? I know what I’m doing when I use my phone.
We’re sure that is true, but we are not necessarily talking about the actual ‘operation’ of your phone. Just as you control most of the apps that are loaded on your mobile device, you are also in control of what you do with your phone.
Believe it or not, one of the most common ways a phone gets compromised is because the user leave the phone unlocked.
That’s right… not locking your phone when you are done using it allows for prying eyes to have easy access to your personal info.
Another item within your control is ensuring that the operating system for your mobile device is up to date. Though this is not the most common reason for a device breach, it is still something that is completely controllable by you as the owner.
Mobile Device Security Tips
So what can you do to keep your phone & personal information safe?
There are several things you can do to keep your phone secure. Let’s review them now…
- Always Lock Your Phone – as we just mentioned, this one thing can save you from having prying eyes looking at your contacts and other personal information on your phone. Using Fingerprint or Facial Recognition is great, but it’s a good idea to have a PIN or Pattern as a backup.
- Keep Your Phone’s O/S Up-To-Date – by having the most recent version of your phones operating system installed and active on your device ensures that all know vulnerabilities are being defended against.
- Install Mobile Protection Apps – there are apps from credible vendors that provide protection for your phone. The protection provided by these apps varies widely, but some will include firewalls, monitoring for suspicious activity, notifying you about fake Wi-Fi and more.
- Consider Using A Dedicated Mobile Device – while this can become difficult to pull off initially, with some practice you can become used to using different mobile devices for different things. For example, using a dedicated phone for company work or cryptocurrency wallets. By doing this, you can further control app loading a usage on each device and mitigate data breaches.
Use Common Sense
Can this data on your phone potentially be used to hurt you or your company if it were to fall into the wrong hands?
Of course it can!
When you load an app on your phone and you see all of the requested permissions, go with your gut… if it seems like it’s asking for way too many permissions… let that be a RED FLAG!
Look for another app that needs less invasive permissions. Either way by giving apps only the most necessary of permissions, ensuring that your O/S is current and locking your phone when you’re not using it can eliminate many breaches of your personal data.