Android, iPhone Security: 10 Ways to Avoid Personal Data Theft

By Don Reisinger  |  Posted 2010-07-07

Android, iPhone Security: 10 Ways to Avoid Personal Data Theft

There is a growing debate among security experts about whether or not the future of data security will reside in the mobile marketplace. Some believe that desktop operating systems, like Windows or Mac OS X, will continue to be hotbeds for malware that attempts to steal sensitive data.

Those on the other side of the debate contend that the mobile marketplace will become an increasingly insecure environment with programs, created by malicious hackers, taking aim at smartphones.

Those who see rising security risks in the mobile world might win the debate. Recently, a report was released by security firm SMobile Systems, claiming as much as 20 percent of all Android Market apps pose a potential security threat.

That study came just days before news broke that Apple's App Store was allegedly defrauded by a developer. Apple claims that no private information was stolen in the attack, but it calls into question just how secure the mobile-computing environment really is. 

Realizing that, it's time users start thinking about ways to keep their data on iPhone and Android-based devices secure. At this point, mobile apps themselves won't typically wreak havoc on a device. But it might be easier for malicious hackers to steal data from a smartphone either through holes in apps or intentionally malicious programs than some might think. Here are 10 ways to keep data safe from insecure apps.

1. Keep it reputable

When deciding on apps, it's extremely important that consumers examine user reviews to ensure it's coming from a reputable developer. Although most apps are secure, there are always opportunities for malicious hackers to find their way in. That's precisely why it's important for consumers to only use applications that come from developers they can trust. It's not always easy, since there are so many people making apps for the iPhone and Android-based devices, but consulting reviews and examining app makers' Websites to see if they seem reputable is a good first step.

2. Don't trust anything

Consumers shouldn't expect Apple's App Store or Google's Android Market to only offer safe apps. Although Apple does a fine job of examining apps, there is still a chance that some rogue programs can find their way in. At Black Hat DC earlier this year, a security expert explained how seemingly safe apps can make their way to Apple's App Store and, unbeknownst to the user, wreak havoc on their smartphone. Because of that risk, consumers shouldn't trust any app. Skepticism has saved Windows users for years. That same skepticism must be kept with mobile apps.

3. Keep abreast of new developments

It's extremely important for mobile app users to know what's happening and understand issues when news breaks of mobile-security problems. In the world of security, there is nothing worse than an uninformed user making poor decisions for the sake of being entertained by an insecure application. When news breaks that there have been security breaches with certain applications, or information is leaked about potential issues with a mobile marketplace, consumers must be ready to protect themselves. If they are uninformed, they will put themselves at risk.

4. Secure data with apps

Although some applications cause trouble, there are other programs available in Apple's App Store or Google's Android Market that help users more effectively secure their data. Those apps, upon thorough inspection to judge their trustworthiness, should be used by consumers concerned about potentially losing important information. In most cases, that means downloading data-encryption apps. After encrypting data, consumers will make it much harder for malicious hackers to steal their content.

Stick with Commonsense Data Protection Tactics


5. Get it to the server

There are few better ways to secure data on a smartphone than to not have it on the device. That's precisely why important data should be uploaded to a server to ensure the content isn't readily accessible on a user's smartphone. Admittedly, there are times when data must be kept on a smartphone. But any sensitive information that isn't required on a smartphone should be kept off of it. Malicious hackers won't be able to access content that isn't there. It's as simple as that.

6. Share nothing and like it

An increasing number of mobile apps available in both Apple's App Store and Google's Android Market ask users to share information about themselves. In most cases, apps ask for permission to access the iPhone's GPS to determine where users are. Although location, in and of itself, isn't necessarily worrisome data to share, offering up information to apps for the sake of getting more out of the program just isn't a good idea. Applications are nothing more than programs that run on top of a mobile operating system. They shouldn't have access to information that they don't necessarily need.

7. Remember resets

It might be a last-ditch action, but restoring a device to factory resets could be a good move for some folks who have fallen victim to malicious apps. As Windows owners know all too well, if the problem can't be easily fixed, the only option is to start from the beginning. If nothing else, such a drastic move ensures that the data that could potentially seep out by way of a malicious app will be kept away. Plus, it removes dangerous apps from the mobile software. Sometimes, simply removing a bad app isn't enough.

8. Consider Android's permissions

Android OS allows third-party apps to perform several actions, including place calls, text messages and more. The issue, according to security experts, who found as much as 20 percent of Android apps are insecure, is that a developer with wrong intentions could potentially violate a user's privacy with all the access they have to the operating system. Google denies that it's as bad as it sounds. The company said in response to those concerns that since users are required to allow permission to information, safeguards are in place. But it's debatable just how desirable it is to allow access to such data, regardless of how permissions work. In any event, Android OS users should vet apps thoroughly before downloading them.

9. Backup is extremely important

Backing up data might seem like an obvious way to keep data secure, but not enough people realize that it could be the single most important aspect of any mobile-security plan. On far too many occasions, users lose data or see their data stolen by hackers. Regular data backups give users the option to leave the house each day with only the data they really need on their smartphone. Backing up gives users more safety and more options. And it plays a key role in mobile security.

10. Stick with known apps

In the end, consumers who are deeply concerned with potential mobile-security problems should only stick with applications that they know they can trust. Although any app can potentially cause a problem, there are some well-known programs that deliver a robust, worthwhile experience for consumers. Typically, those apps come from major names in tech or prominent Websites that are simply extending their product to mobile applications. There are undoubtedly unknown companies offering outstanding applications. But if absolute security is what consumers want, venturing into unknown territories can be extremely dangerous

Rocket Fuel