Earlier in the week I received a mobile phone to review. This isn’t unusual, but what I found on it was. There was a definite “pre-owned” feel to it.
No, it wasn’t scratched. It wasn’t damaged in any way. Instead it had stacks of data on it. Someone elses data.
This “someone else” is the Editor of a big print magazine. I can sympathise to some degree, because when you’re sending a phone back it’s easy to forget to clear the memory. However, the PR people usually spot this and clear it down.
In this case I’d managed to get the phone with all the data intact, and that’s when it hit me. This could happen to me very easily.
I carry around a phone and don’t secure it in any way. I’ve seen others setting up security systems – a coded lock-screen for example – but I’ve never bothered myself. Why? Why is this? Well, it’s mainly complacency. I, like others, don’t believe I’ll ever lose my phone. I take it everywhere, like my wallet, so losing it isn’t going to happen to me, is it?
Is it?
Sure, the phone I’ve got here is going to get passed around from person to person. It’s like starting a new job, getting the mobile phone that the previous guy had, and then finding a few pictures of his house on there. What did scare me though was the sheer volume of data and what I could do with it.
I’ve altered some of the more specific details here, but I had everything. Photos from home, from the office, pictures of people and streets. An email account was setup and I could read all about the new bathroom that was being installed. Perhaps more importantly, because this is GMail on Android, I had all the contact names, numbers, addresses and I could send mail too.
Pretty eye-opening stuff, and it’s not until you think about all the different networks you hook into on your phone. LinkedIn, Facebook, Twitter.. the list goes on. Here I had access into Twitter and all the private messages…
Plus all the private LinkedIn messages. Think about it – all those job offers, your CV. The names, addresses and birthdays of your friends and family. But perhaps the worst of all – I could change all the passwords, because with full access to the email account and can easily confirm all the changes.
So, what should you do? Well, we recently reviewed Mobile Device Manager from 3CX and that had the ability to Remote Wipe Android phones, so I could use that – it would just be a matter of signing up, plus I could track the phone and hopefully get it back too if I wanted. However, most people don’t even look at the “Security” section in their phone. Open it up and you’ll find a whole heap of settings including a SIM card lock, SIM change alert and encryption. I’ll admit that I’m lazy, and don’t have a “screen lock” setup, but this is the easiest barrier to put up. It’s just like closing the windows when you leave the house, and newer versions of Android include “Face Unlock” to make it a little easier. Setting a pattern, PIN or password lock will mean that most thieves will instantly hit a brick wall, and won’t be able to get as far as your LinkedIn profile, your Facebook, Twitter, email and personal pictures.
Come on. How many people have been to the pub and left their phone on the table, only to have a friend login to your Facebook and send a humorous “update” to the world? A few seconds setting up some security, that’s all it takes. A lot of your life is on your smartphone, so lock it up and take care of it, just as you would with your home.