They have replaced cameras, video cameras, watches, land-line phones, fax machines and scanners with better and faster versions of these technologies. But there is a dark side to cell phones that we are just coming to understand –the ability to watch and record everything we do, even when the phone is assumed to be turned off.
We’ve known this was coming as we watched cell phones evolve into smart phones with the greatest array of capabilities of any computing device. And yet, we ignored most of the implications of this evolution and put our trust in a simple password system.
What can the bad guys learn about you from your cell phone? Just about anything they want, including:
- Your personal financial information. “Mobile apps” for banking simply are not secure enough to prevent data thieves from gaining a lot of information about your account.
- Where you are, and where you have been. The GPS tracking system lets you know this information, and invisible tracking applications can easily upload this information to a web site.
- Everything your camera can see. Even if the phone is turned off, the camera can be remotely activates to record everything the camera sees.
- Everything the phone hears. Likewise, the microphone can be activated to listen in on meetings, conversations and other events, even when you think it is turned off.
- The contents of all your emails, text messages and SMS messages.
- Infecting the phones of everyone in your contacts list – clients, partners, family and friends.
There are security programs for cell phones that claim to provide protection, but these are limited in the scope of their protection. The major problem is that these applications largely rely on only anti-virus engines that do little to combat the myriad of other technical assaults on the phone’s system.
So what must you do to prevent being stalked by your cell phone? Here are 10 basic steps:
- Keep using passwords to unlock the phone. Use a password that contains at least one number, one capital letter and one non-standard character (such as # or &).
- Install an anti-virus program to at least protect from viral attacks through email and downloads. I find the free version of Avast Anti-Virus to work for me, but feel free to choose your own.
- Remove banking and financial applications from your cell phone. Applications that are not there cannot be used against you.
- Don’t store documents or files on your phone. Or photos. Instead, find a secure cloud storage solution and access the files only as needed. Once used, delete them from the phone.
- Never, ever store your master list of passwords in an unencrypted file on your cell phone.
- Do not install applications that require you to allow unknown third-party apps to your phone.
- Be wary of Android applications (iOS apps are tested before becoming available in the Apple store) from companies you don’t know or have not heard of. And check the list of permissions that must be given to make the app work. A flashlight application, for example, should have no need to access your GPS data, but will need access to your camera for its flash.
- There are applications (generally through your service provider) that will enable you to locate your phone and wipe it clean should it ever be lost or stolen. Highly recommended.
- Never open an SMS message from someone you do not know, and never respond to a text message, email or phone call from anyone you do not know. You do not need to read emails from strangers outside of the office.
- Do not store medical information, social security number, your address or other information on your phone that can be used to steal your identity or access your accounts.
Cell phone security is still in its infancy, and can be expected to evolve and shift tactics in the months and years ahead. But this list of 10 steps should provide a beginning effort to keep your phone and your identity secure.
Source: CPA Practice Advisor