In my line of work, security is a key asset. I've encountered companies willing to pay tens of thousands of dollars, even hundreds of thousands, for a secure network they can trust. I've worked with colleagues in the IT world who were just as security conscious about their home networks, and in the BC era (that's Before Cloud), I worked with an IT manager who used to backup their personal family computers to tape and store that offsite. Impressive awareness of security, if not a little overboard.
But sadly, many of us - even IT professionals in the security industry - forget about mobile phones, tablets, heck even common smartwatches. When it comes to that slab of glass or high gloss plastic strapped to our wrist, we tend to feel safe. What is someone gonna do, steal your face or fingerprint and read your emails to mom and dad about "that strange rash"? Can you imagine a bunch of finger-less folks with blank faces wondering around aimlessly because they can't access Google Maps without face authentication? Give me a break, Brandon, it's just not possible.
Except maybe you should be worried. Last year, according to this report by Reuters, one or more hackers managed to breach more than nine U.S. State Department employee phones using sophisticated spyware that was designed by a security firm for law enforcement. The tool is, for all intents and purposes, invisible, installs itself without giving the user prompts or indication that it is installed. The tool then proceeds to export copies of such things as texts, emails, photos, and other phone content.
We're not all government employees with world-breaking secrets on our phone; but we do have data that can be exploited and used to cause great harm to our finances, our families, or to ourselves. So why not take a few simple precautions and reduce the risk: I'm sure future you will thank past you one day!
Here are a few simple practices that I follow to keep my smart devices safe. While doing these few things isn't a guarantee that you'll never be hacked, I can assure you that your device will be much harder to compromise: and hackers will prefer an easier target.
MY QUICK LIST OF SMART DEVICE PRACTICES
Avoid public wifi services, especially if they are unencrypted. It is incredibly easy to put a fake wifi transmitter up and gather your data.
If you must use a public wifi, make sure you use a reputable VPN to secure your traffic. I'll be talking about VPN's in a future Blog post (and I'll link back here when I do!)
Avoid using "USB" outlets to charge your device at the mall, airport, etc. - these can easily be setup with technology to steal your phone data under your nose.
When installing new apps, check what permissions it's asking you for and make sure they are sensible. A "torch" app asking for access to your camera is logical, but a tv remote control asking for the same access to your camera would be a red flag to me.
Ensure you set your pin to something memorable but not easy to guess. Your birthday... not too hard to find out. The first 6 notes of AC/DC Hells Bells, not so obvious :)