Smartphones have become a part of our lives. They hold our email IDs, credit card and bank details, knowledge of our social lives, names of friends and family, and much other personal data. Since a phone contains so much personal data about a person, security and privacy are obviously major issues when it comes to smartphones. Countless phones are hacked and stolen every day, not to mention the amount of personal info that is misused or leaked for monetary gain. In this post, you’ll learn how to secure your Android phone by following just 12 easy steps to protect your personal data from falling into the wrong hands.
12 Steps to Secure Android phone
1. Lock your phone
This is the most basic thing you can do to secure your phone. Many people don’t take this step seriously until someone pickpockets their phone on a bus or in some other public place and they get a hefty credit card bill at the end of the month.
Most Android phones come with a variety of lock methods, including pattern, PIN, password, fingerprint, face recognition, voice recognition and iris scan, but locking your phone with a PIN or password is recommended. I know, the other options seem great and less of a hassle than a PIN or password, but options like fingerprint, face lock and pattern can easily be broken. However, don’t be stupid enough to use 1234 or your ATM number as your PIN.
2. Lock your apps
Locking your phone can keep you safe from pickpockets or strangers, but what about people you already know, like your friends or other people you trust? You may readily hand them your phone, maybe to show them the pics from your last trip, but that doesn’t mean they can’t look into the other apps installed on it.
Locking your apps will protect you from all the wolves in sheep’s clothing. Most phones come with an app lock feature pre-installed, but if yours doesn’t, you can use a third-party app like AppLock by DoMobile Lab, which is available on the Play Store and has over 50M downloads.
3. Uninstall apps you don’t need
Removing unused apps not only improves the performance and frees up storage on your device but also keeps you safe. Nothing is perfect in this world, not even the apps on your phone. They all have bugs and vulnerabilities, which the developers are always patching. A hacker can easily get into your phone if they find out about these bugs/vulnerabilities before the developers do.
So, keeping apps that you don’t use will only do more harm than good. Only trust, download and install apps that are updated often.
4. Use a good VPN
Do you love free WiFi? Of course, who doesn’t? So, to make sure the free WiFi doesn’t cost you your personal information, using a good VPN is recommended. This is ‘the’ most important and crucial step one can take, in terms of security.
A VPN is a Virtual Private Network that allows you to mask your IP address and other data by tunnelling it through another server located anywhere in the world. Using a good VPN, you can stay safe from being spied on by third-party advertisers who try to track you and build a persona to show you relevant ads, by hackers who want to steal your personal info, or even by your own government. A VPN also allows you to access data or websites that are blocked in your location.
Free WiFi is a hunting ground for hackers. Since most free WiFi doesn’t have any encryption, you are serving your personal info on a silver platter. It doesn’t matter if you are in a coffee shop, an airport, a hotel, any other public place offering free WiFi, or even using a friend’s free WiFi offered in the name of friendship: always stay safe and protected by using a good VPN.
5. Play Store apps only
Most of the malware on Android phones comes from apps downloaded from anywhere other than Google’s official Play Store. There are very few cases of malware in an app downloaded from the Play Store. This is Google we’re talking about: they have dedicated teams and resources for monitoring all the apps on their store. Google Play also offers Play Protect, which scans apps installed on your phone for potential threats.
Play Protect scanning is always ON on most phones. If it isn’t on yours, go to Settings > Security > Google Play Protect and turn on “Scan device for security threats”.
People often turn to cracked apps because they don’t want to pay for the premium version, they hate in-app ads, they want mods, or for many other reasons, but this is where they get trapped. They think they’ll get all the best features of the app for free in a cracked version, and this thinking is what costs them a fortune. Cracked apps and software available on the web usually contain malware to steal personal info and other private data.
So, if you are downloading apps only from play store, then you are reducing the chances of an encounter with malware to a great extent.
It’s better to pay $10 to remove ads on the official app than to lose $1000 because some malicious cracked app stole your credit card & banking info.
The lesson here: Always stick to apps from play store.
6. Two-Factor Authentication
Two-factor authentication, or two-step verification, is more about securing your Google account than securing the phone itself. If you are using Android, chances are you are also using Google services like Gmail, Google Drive, Google Pay and many others to store your important data. Google’s two-factor authentication helps keep your Google account from falling into the wrong hands.
With this added layer of security, you’ll sign in to your Google account in two steps, using your password and your phone/security dongle. So, even if someone finds out your Google account password, they still can’t log in unless they have access to the phone or security dongle.
Not only Google, but other companies like Facebook, Instagram, Amazon, Twitter, Microsoft, Yahoo, LinkedIn, Snapchat, Pinterest, Dropbox, PayPal and many others also provide two-factor authentication to their users.
Use the above link, if you want to know more or enable 2FA on your Google account.
7. App Permissions
Whenever you install an app on your phone, it will ask for permissions so it can work properly. Thanks to the Google Play Store, you can view all the permissions that an app requires before downloading. Granting permissions is necessary; for example, you can’t use a selfie app unless you give it permission to access your camera and storage.
But what if a selfie app asks for camera, storage, call logs, SMS or contact permissions? Sounds malicious, doesn’t it? We can agree with camera and storage, but why would a selfie app need our call logs or contact info? That’s how permissions are misused to collect your personal information.
Always keep a tab on the permissions you are granting to an app. You can always check permissions which you have granted to the apps under your settings > Privacy > Permissions.
If you don’t find a valid reason for an app asking for a particular permission, then either don’t download the app or deny when it asks for permission access.
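The check described in this step can also be scripted for a whole device. This is an added example, not part of the original post: it parses a constructed excerpt written in the style of `adb shell dumpsys package` runtime-permission output and reports granted permissions an app has no stated reason to hold. The package names and the `EXPECTED` policy are hypothetical.

```python
import re

# Constructed sample in the style of `adb shell dumpsys package`
# runtime-permission output. Package names are made up.
SAMPLE_DUMP = """\
Package [com.example.selfiecam] (1a2b3c):
    runtime permissions:
      android.permission.CAMERA: granted=true
      android.permission.READ_EXTERNAL_STORAGE: granted=true
      android.permission.READ_CALL_LOG: granted=true
      android.permission.READ_SMS: granted=true
      android.permission.READ_CONTACTS: granted=false
Package [com.example.dialer] (4d5e6f):
    runtime permissions:
      android.permission.READ_CALL_LOG: granted=true
"""

# Hypothetical policy: what each app plausibly needs for its purpose.
EXPECTED = {
    "com.example.selfiecam": {"CAMERA", "READ_EXTERNAL_STORAGE"},
    "com.example.dialer": {"READ_CALL_LOG", "READ_CONTACTS"},
}
PKG_RE = re.compile(r"^Package \[([\w.]+)\]")
PERM_RE = re.compile(r"^\s+android\.permission\.(\w+): granted=(true|false)")

def granted_permissions(dump):
    """Return {package: set of granted permission names} from a dump."""
    result, current = {}, None
    for line in dump.splitlines():
        if (m := PKG_RE.match(line)):
            current = m.group(1)
            result[current] = set()
        elif current and (m := PERM_RE.match(line)) and m.group(2) == "true":
            result[current].add(m.group(1))
    return result

def unexpected_grants(dump, expected):
    """Return {package: sorted granted permissions outside its policy}."""
    # A package with no policy entry is reported in full, so an unknown
    # app gets reviewed rather than silently trusted.
    findings = {}
    for pkg, perms in granted_permissions(dump).items():
        extra = perms - expected.get(pkg, set())
        if extra:
            findings[pkg] = sorted(extra)
    return findings

if __name__ == "__main__":
    for pkg, perms in unexpected_grants(SAMPLE_DUMP, EXPECTED).items():
        print(f"{pkg}: review or revoke {', '.join(perms)}")
```

Permissions denied on the device (`granted=false`) are ignored, so only access an app actually holds is reported.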
8. Turn off Connections (WiFi, Bluetooth) when not in use
Turning off network connections not only saves battery but also closes the door on many potential threats. There have been many cases where an attacker gained full control of a device and its personal data using vulnerabilities in network connections.
One example is a set of 8 separate vulnerabilities collectively known as “BlueBorne”, which attackers could easily use to infect a large number of Bluetooth-enabled devices without the need for any user interaction.
“BlueBorne” is already patched, but to stay safe from any undiscovered network-related vulnerabilities/flaws, it’s better to keep your network connections off when not in use.
9. Enable Find-my-device
As the name suggests, this feature helps you find your phone if it is lost or stolen. It also allows you to remotely lock your phone and completely erase the data on it if you suspect it has fallen into the wrong hands.
To enable Find My Device, go to Settings > Security > Find My Device and turn it on. After turning it ON, you can go to android.com/find and sign in with your Google account to locate your device, or you can install the Find My Device app from the Play Store and follow the steps accordingly.
After enabling find my device, you can do the following things in case your phone goes missing:
- Locate Your device.
- Play Sound. (It will ring even if your phone is on silent)
- Lock your device and sign-out of your Google account. (You can even display a note, for whoever has your device and also you can locate your device after it’s locked)
- Erase the data. (If you are sure, you are not going to get your phone back, then this option is your best bet. Beware after using this option you can’t locate your device)
One more thing to keep in mind: the “Find My Device” feature will only work if your phone’s location is turned ON and the phone is connected to the internet.
10. Use Good Antivirus App
If you are only downloading apps from the Google Play Store and already have Play Protect turned ON, then there’s no need for another antivirus app, right? Wrong!
We all surf the web on our Android phones, and we also download videos, images etc. using our browser, not to mention that files downloaded from untrusted sources may contain potential threats. Play Protect only protects you from malware in your apps. It will not protect you if you download other files from the internet, such as songs, images or PDFs, that contain a virus.
A good antivirus program will protect you from many online threats while you are surfing the web and downloading files from anywhere on the internet. Apart from malware detection, a good antivirus app also provides anti-theft features, security while shopping and online banking, a great firewall, securely deleting your data and security while surfing the web.
11. Always keep your Device and Apps up-to-date
I think most of us follow this step already. We always update our apps and devices for the newest and coolest features, but this is important in terms of security too. The latest OS and app updates include many patches and bug fixes that are crucial for any Android device.
When purchasing a new phone, always check how frequently the manufacturer releases updates. The more frequent the updates, the better for the security of your device.
Don’t take this step lightly. Make sure you update your phone and apps as soon as an update is released: the longer you delay, the more you pay.
12. Encrypt your Phone (Optional)
Encrypting your device is one of the best ways to secure your phone, but this step is optional as it also comes with a risk of losing your data if anything goes wrong.
First things first, let me tell you what actually encrypting your device means. Encryption basically means locking your data in a scrambled, unreadable form which no one can read or access unless you decrypt it with an appropriate key (pattern, pin or password).
First, add a PIN, password or pattern as the screen lock for your device. Then go to Settings > Security > Encryption > Encrypt phone, where you will get the option to encrypt your device. Once you encrypt your phone, you’ll have to provide the PIN, pattern or password when booting (starting) your phone. This makes the phone take a little longer to boot. Whenever you unlock the device, it decrypts the data for you. Encryption is a great security feature in case your device is lost or stolen.
Now, let’s talk about the risk I mentioned earlier.
- Encrypting your device may take up to an hour. If your device is interrupted during the process, you’ll lose all your data.
- Encrypting your device is a one-way process. Once you encrypt your device, the only way to turn OFF this feature is by factory resetting the device, if your device doesn’t have the decrypt option.
- If you have a rooted device, you may encounter some complications when encrypting your device.
The battery must be charged to more than 80% and the phone must be plugged in for charging, otherwise the phone will not even let you start the encryption process. So, plug your device into the charging socket and leave it untouched until the process is finished.
If you want to proceed with this security feature, I advise you to take a backup of your important data before proceeding.
Securing your android phone is no rocket science, changing some habits and tweaking some settings will do the trick.
Now, I am not saying that following these steps will make your phone perfectly safe, but your device will be more secure than it is right now and there will be less chance of your device and data falling into the wrong hands.
Which of these security features do you already follow? What other things are you doing to keep your device safe?
Answer these questions in the comments and if you like this post share it with your friends and family and help them to stay secure.