This week’s theme for Cyber Security Awareness Month is “How to protect yourself online.” This is a broad topic, so we’ve chosen to focus on our specialty: phone security. Phone security can be a complicated subject, but we’ve focused on the phone security basics everyone should know, and explained a few extra things you can do to level up your security.
Phone security tactics step one
Here are the three most basic things that everyone should do to increase the security of their phone:
- Hardware: Some phones are built more securely than others. Phones from Apple, Google, and BlackBerry are the most secure on the market. Choosing these phones is always a good idea, with the Key, Pixel, and flagship iPhones always being the best choices from those manufacturers. All these devices have tamper-resistant chips that reduce the chances your device can be compromised with malware.
- Software: Update your software with the latest patches. Always and every time you see the “Update available” notification. Most updates have some kind of security update included, so don’t skip little patches that don’t seem like a big deal. Hackers go out of their way to look for devices which haven’t been updated and target them first.
- Passcode: Even a simple a 4-digit passcode protects your phone against someone picking it up and checking out all your stuff, but that’s not all. When you enable a passcode, your phone encrypts everything on your phone. All smartphones available for the past 6 years have default device encryption as soon as a passcode is set up. A four digit passcode is good, six is better, and a real password with letters and numbers is best.
Stopping attackers from going after you is simply a matter of making it difficult for them to get to your data. They would rather pursue an easy target than a difficult target. The three steps above will not make it impossible for a hacker to attack you, but they make other people easier targets than you.
Protect Your Privacy with SKY ECC
Private, encrypted mobile data network
Encrypted network communications
Private, encrypted mobile data network
Strongest encryption available
How SKY ECC handles phone security
All SKY ECC devices cover all the basics (and more):
- Hardware: SKY ECC is only installed on the most secure devices available. They all featured tamper-resistant chips, high build standards, and high quality overall security practices.
- Software: The SKY ECC app is installed within an encrypted container on the operating system. This means that no matter how insecure the software is there is no way for it to impact the SKY ECC app. Rollback protection on all SKY ECC devices prevents attackers from “rolling” your operating system back to an insecure version as well.
- Passcode: A six-digit passcode is mandatory on all ECC phones. Even if someone manages to crack your phone passcode the brute-force protections in ECC itself will stop them in their tracks. We also disable biometrics (like fingerprints or your face) because they can degrade the security on our ultra secure devices.
Phone security step two
With the easy stuff out of the way, it’s time to look at things which surround the security of your device. These are related to connections, and how your communications can be intercepted via these connections:
- App permissions: Many apps , especially “free” apps, collect a tremendous amount of data about you. Review app permissions regularly to make sure they have only the basic information they need. Many apps ask for access to the camera, contacts, your microphone, and GPS—even when they don’t need it. This extra data is often left exposed within the app or servers and readily available to hackers to exploit. Sometimes it’s hard to tell what permissions are needed and we often just tap OK without thinking about it. Take a moment and ask yourself if that game really needs access to your camera or GPS.
- Wi-Fi: Wi-Fi is amazing. Wander around connected to the internet without wires! But there is a downside to Wi-Fi, when stores and restaurants set up Wi-Fi they often forget about security or are designed to capture your information for marketing. Be very careful when you connect to Wi-Fi away from home or work. And if you do have to connect to an unknown Wi-Fi hotspot, use a VPN and avoid doing sensitive things like banking or shopping.
Connections are a huge point of vulnerability, especially when you are using public Wi-Fi. Hackers know to go to the locations and exploit weak Wi-Fi, or even set up their own. It comes down to you and how you protect yourself if you want true phone security.
How SKY ECC secures connections
Every SKY ECC device connects to our private and secure mobile data network, and when you’re using Wi-Fi we encrypt all communications by default. SKY ECC won’t even load and let you login if the connection isn’t secure.
We also pass all your already encrypted data through anonymizing gateways as an extra step to prevent someone snooping on your connection from following you to our communications servers.
Visual learners may find this image helpful as it visually explains our network connections.
Push notifications can be very tricky to anonymize, encrypt, and protect. So we use session tokens with only the barest amounts of information to let you know you have new messages. Here is how our tokens work on push notification servers, and a link to our network security article to learn more.
Phone security step three
The apps you install on your phone have a huge impact on your security. There are apps which can both help or harm your phone’s security. Here are five things to check regularly:
- Old apps: Simply going through your phone periodically and deleting apps which you no longer use is an effective security tactic. This can be Od apps which are no longer updated can be used to hack into your phone so if you’re not using the app—delete it.
- Malware and antivirus protection: Every time you connect to the internet there is a possibility that you can download some sort of malware. There are many types of malware specific to mobile applications out there. Basic free antivirus or malware apps can protect you against them. Yes, even if you have the most secure hardware you should still use one.
- Password manager: Download a password manager manage your passwords, and disable Smart Lock for Passwords (if you have a password manager you don’t need it). Password managers let you create the complex, impossible to remember random passwords experts say you should use and only have to remember one master password to unlock access to all the passwords.
- Find My Device/iPhone: Installing either Find My Device or Find My iPhone will help you find a lost phone (even when it’s lost in the house). You can even remotely wipe it if you determine that it was stolen.
- Manage corporate devices: Having control over corporate devices will allow those who own the device, but don’t physically control it, to wipe it, or locate it. and set security policies for all devices. This is similar to a Find my Device app, but with more granular control. A tool like SKY WORK is perfect for managing company devices.
How SKY ECC handles apps
All SKY ECC devices are managed devices which means we’ve gone through and proactively disabled features that could compromise your privacy and security. We block unauthorized apps (you can’t install apps yourself, even from official app stores), unauthorized connections, and disable features like Bluetooth that can be used to compromise the device. Managing devices gives us much more granular control over security settings than what are available in the settings you see on your phone.
Phone security step four
Now we’re getting into the more advanced phone security tips. These are tips to keep in mind all the time:
- No jailbreaking or rooting: Everyone seems to want to jailbreak or root their device lately so that they can customize their phone, download forbidden apps and turn on special features. Unless you’re a phone security expert, don’t jailbreak or root your phone. Jailbreaking and rooting work because they literally compromise the security in your phone to get around the systems that protect it in the first place. Unless you’re an elite-level programmer you will have little hope of being able to secure your jailbroken phone.
- App stores: Only download apps from official app stores. Google’s Play Protect screens apps for malware and other obvious problems. When you download an Android app from just any website you don’t have any guarantee the app is safe. Apple doesn’t allow you to use other app stores (unless you’ve jailbroken your phone) precisely because outside of their walled garden it’s a post-apocalyptic wasteland of mobile malware.
- Ransomware: Be wary of opening messages from people you don’t know, and especially don’t open attachments from sources you don’t know. It’s so easy for an attacker to hide code in something which looks innocent. Even be cautious opening attachments and clicking links from emails that look like they come from someone you know. Example: We got an email from our new payroll system asking us to click a link and login to the new system. Before we clicked we started a thread in the company chat to make sure this was legit (it was). Even though the email seemed okay with references to SKY GLOBAL and appeared to come from a well-known company, these emails can easily be faked and used to steal login information or install ransomware.
- Biometrics: There is a serious issue with biometrics most people forget; if your biometrics are compromised you can’t replace them. Stealing a fingerprint is easy; replacing your fingerprint is impossible. White hat hackers recently showed how they could fool biometrics with a single HD photograph of a target’s fingers (a peace sign is all they need), and criminals have been creating fake fingerprints for scanners for decades…remember that scene in Ant-Man with the tape and superglue? That could actually work. Even iris scanners can be foiled with information stolen from HD photos.
- Public chargers: Bring your own charger which plugs into an outlet and don’t use public USB ports. I know they’re convenient at the mall or airport, but “juice jacking” is real and hackers always go to where there is convenience and exploit that weakness. In this case you give hackers pretty much complete access to your phone once you connect to a juice jacking port which has the right software to exploit your phone. They can pretty much steal anything they want at that point.
Real phone security never stops as you have to always be vigilant. Keep these five points in mind as you use your phone from day to day because a big part of phone security is in your head, not in your phone.
How SKY ECC handles these security issues
Let’s look at each of the five points above one by one in turn:
- Jailbroken or rooted devices can’t install SKY ECC. The tampering chips have been triggered so the device isn’t secure.
- We restrict the apps available on SKY ECC devices.
- SKY ECC wasn’t designed specifically to stop ransomware, but just the way SKY ECC devices are set up prevents nearly every way malware or ransomware can infect a device. SKY ECC devices don’t have email clients, they can’t install new apps, and we only allow connections to our own servers so apps like keyloggers can’t “call home” to send your information to them.
- Biometrics have been disabled on all SKY ECC devices. We believe biometrics gives you a false sense of security and has too many potential weaknesses for a secure device.
- While there’s nothing we can do to stop you from plugging into a juice jacking charger, but we do block and protect connections via USB connections. Even if you plug into a juice jacker, SKY ECC is in a protected container isolated from other apps and software.
Make smart phone security choices
This Cyber Security Awareness month, be sure to learn how to protect yourself online in all settings, not just on your phone. Many of the tactics discussed here can apply directly to other mobile devices, and even your desktop computer.
For the absolute best in phone security options, contact a SKY ECC representative using the button below right now to see how we will keep your phone–and its important data–secure.