February 14, 2024

The Ten Commandments of Mobile Device Security

When it comes to technology, there isn’t a single device that travels with us or knows more about us than our phones. They quite literally go with us virtually everywhere. They see everything from our messages to our locations to our browsing habits while we’re on the toilet (we all do it, don’t judge). And because we bring our phones with us and use them so much, most cybersecurity experts would agree that it’s the one device that poses the biggest potential cybersecurity risk. Combine a smartphone’s convenient and user-friendly interface with the sheer amount of private data available on its user, and it’s essentially a giant target for anyone trying to violate your privacy. Why else do you think that the terms and conditions for so many apps grant them access to everything from your camera and microphone to your location to your contacts?

So how do you protect yourself? We posed that question to one of our newest brand partners: a company out of Germany called Volla Phone that’s devoted themselves to making the most secure and private smartphones in the world. Naturally, private search was one of the first “best practices” we agreed upon. It’s why they’ve decided to make Startpage the default search engine on all of their devices. But our smartphones pose so many potential threats beyond just our searches, which is why we’ve gotten together to craft ten “commandments” that can help ensure that your data remains secure and private no matter what device you use:

1. Thou shalt activate passcode and biometric protection

Each of these unlocking methods has their strengths and weaknesses. Biometrics (like fingerprint or facial recognition) are convenient, but easier to bypass. Secure passcodes are harder to bypass but easy to forget. Using both not only ensures that you can take advantage of the strengths of both methods. More importantly, it ensures that you have to be physically present for your phone to be unlocked.

2. Thou shalt keep apps and software up to date

A piece of software is like a person: it’s most effective when it’s always evolving based on new information. This goes for malicious software as well as the software that’s protecting your data. So if attackers and their malware are getting more advanced every day, wouldn’t you want your software to do the same? That’s exactly what updates are for, so be sure to stay up to date.

3. Thou shalt only download apps from official or trusted sources

Say you wanted a new chair. Which one would you rather bring into your home: a chair that you bought in a store or a chair that you found on the side of the road? We’d all likely choose the store bought chair for a number of reasons. We have a better idea of where it came from. We know that it was probably checked for quality. We have someone to complain to if something goes wrong. The same goes for apps: if you’re not buying from an official source, you had better do lots of research to make sure the product you’re getting is safe.

4. Thou shalt check app permissions and only grant them when necessary

Even apps from the most trustworthy sources love to stick their noses where they don’t belong. There’s a very good reason for this: data is valuable, so the more they can get their hands on, the better. This goes double for four specific things: camera, microphone, location, and contacts. And even if you deny permissions to an app once, they have all sorts of clever ways to try and trick you into granting it. So check those permissions regularly to make sure.

5. Thou shalt avoid unprotected public wi-fi

A public wi-fi router is like a public pool: you have little to no control over who’s using it with you. But unlike a public pool, someone on the same wi-fi network could be trying to access your device without you even knowing it. That’s not counting instances where attackers will set up a “free public wi-fi hotspot” to lure victims into passing sensitive data over a connection that they fully control and monitor. So stick to secure connections and personal hotspots when possible, and never share sensitive data over a network that you don’t know.

6. Thou shalt backup sensitive data to a secure drive, not the cloud

There’s no denying that cloud backups are incredibly convenient. Who doesn’t want to be able to store a backup of any file or media automatically? But that convenience comes at a cost: you have no control over the server infrastructure behind that cloud. So you don’t truly know who has access to any of your stored materials or why. Does that mean you shouldn’t use them? Of course not. Just don’t use them to store anything that’s truly private. Backup those files on a separate, secure drive that only you can control and access.

7. Thou shalt turn off bluetooth and wi-fi when not in use

Your phone has so many different ways of sending and receiving information. And when you’re actively using them, they’re great. When you’re not using them, they just become more channels that attackers can potentially use to gain access. Why leave a door open if you’re not looking to invite someone inside? So if you’re not using bluetooth or wi-fi, why not turn them off. It will not only help keep your device secure, it will save you battery life!

8. Thou shalt not give out one’s primary email address

While email isn’t just something we do on our phones, it is something that we’re doing more and more on our phones…especially as more and more of us are working remotely. Suspicious links and files are one of the easiest ways for attackers to gain access to a device, and the easiest way for those files and links to be sent to you is via email. So why would you keep giving out your email address and potentially let attackers know how to send you messages? Luckily, more and more email providers are letting users use aliases, so take advantage of this feature if you have it. And if you don’t look for a provider who does. 

9. Thou shalt use encrypted messaging

The next easiest way to deliver you malicious links or files is through your texts and chats. And if someone has the ability to view your conversations, they have more information that they can potentially use to tailor a phishing attack to you. That’s why end-to-end encryption is so useful, since it ensures that the recipient is the only person who will be able to view the message. So if your messages aren’t encrypted, then find a messenger that is.

10. Thou shalt use a trusted VPN service

We’ve already talked about the benefits of a VPN before, as well as how to PUSH yourself towards a reliable one. But the most important takeaway is that, because a VPN encrypts all the data going to and from your device, it cuts down on the number of people who can see what you do on your device. And if people can’t see what you’re up to, they have a much harder time targeting you.

Like all commandments, these ten commandments are rules for us to follow to the best of our ability. Sometimes we fall short. But when we do, it still helps to stick as close to them as possible. Beyond that, different devices are able to offer additional forms of protection. That’s why, if you’re looking for additional protections, we invite you to take a look at some of the innovations that Volla Phone has built into their devices and OS (and get 5% off with the voucher code STARTPAGE)! We hope one day that offerings like a cloud-free operating system, multiboot functionality, unique security mode and a built-in VPN become the new standard. But until then, anyone looking to truly secure their mobile devices can look to this company to get a masterclass. 

Oh, and for any of our audience who resides in the EU, Switzerland, Liechtenstein, Norway, Iceland and Great Britain and is curious to try a Volla phone themselves, they’re running a giveaway this month just for Startpage users! Head over to their blog for details and how to enter. 

Was this article helpful?

Go Private

Make Startpage your
default search engine

Set as default