The 9 Best Ways to Keep Your Smartphone Secure

A few simple steps can help keep your privacy and identity protected

Take a moment to think about just how much of your daily life is managed by the smartphone in your hands. If you’re like most people, that phone is your connection to the outside world, your source of information and entertainment, your method of payment, your photo archive, your window on personal health and finances, and much more.

Now think about how much sensitive personal data is stored on that phone and in the apps you’ve downloaded. If you consider your phone to be an all-in-one tool for daily living, then you absolutely need to protect it from outside threats, just as you’d protect a loved one.

Here are 9 tips for securing your privacy and identity while using your smartphone, including what to do in the worst-case scenario should your phone become lost, stolen, or hacked.

1. Use multi-factor authentication.

The least you can do to protect your phone is to lock it with a passcode, making sure the code is not something obvious like your birthday, and that you shield the phone from prying eyes when inputting the code in public. Beyond that, it’s important to use multi-factor authentication, which confirms your identity by requiring you to take an additional action to use the phone. Ideally, it should be biometric authentication such as scanning your face or fingerprint. (On an iPhone, set up Touch ID or Face ID. For Samsung and Google devices, set up fingerprint scanning.) If your phone is lost or stolen while the screen is locked, thieves can’t get in.

2. Secure your apps.

You also need to lock down access to your apps, especially those containing sensitive personal data. Along with using a unique password for each app, add multi-factor authentication. Download a verified authenticator app such as Google Authenticator, Microsoft Authenticator, Authy, or 2FAS, then link your other apps to the authenticator. Be sure to sign out of an app after you use it, every time. This way, no one can access your accounts unless they’ve got your usernames, passwords, and physical possession of your unlocked phone.

3. Download apps only from safe sources.

Sketchy apps can be used by fraudsters to harvest personal data or plant malware on your phone. You can reduce the risk by only downloading apps from Apple’s App Store or the Google Play Store. While there’s no guarantee that malicious apps can’t show up in those stores, Apple and Google have put measures in place to greatly minimize the odds of this happening. Before downloading an app, check ratings and reviews. And make sure that any financial or healthcare app is the official one offered by the company, and not a fraudulent knockoff.

4. Keep software updated.

Have you ever ignored a notification to update your phone’s operating software? Don’t. Whenever there’s a system update, it almost always includes a security upgrade or a new patch to fix an existing vulnerability. Turn on automatic software updates to make sure your phone always has the latest protections against cyberthreats.

5. Clean up your apps.

If you’ve got screen after screen filled with apps, chances are you’re no longer actively using at least some of them. Because unused apps may be running older software and have security vulnerabilities, take the time to delete the ones you truly don’t think you’ll be using any time soon. As for the apps you’re still actively using, check to see that they’ve been updated to the latest version available, and turn on automatic updates whenever possible.

6. Limit app permissions.

App permissions are a set of rules determining which types of data can be accessed by an app. An app might, for example, seek permission to access your location, record audio or video, or access files on your phone. This raises a privacy concern, especially because many apps collect this data and sell it to third parties. It’s important to limit permissions in order to prevent apps from collecting any data you don’t want to share. (Here’s how to adjust app permissions on iPhone and Android devices.)

7. Encrypt your Wi-Fi.

Free public Wi-Fi networks are magnets for bad actors who want to spy on your location or online activities. Some free networks are even fakes created by fraudsters to install malware on your device or steal your personal information. If you must use free public Wi-Fi while on your phone, be sure to first set up a virtual private network (VPN) such as SafeWiFi from IDX. A VPN encrypts your Wi-Fi connection to keep your privacy protected.

8. Back up your data.

Be sure to regularly back up your phone’s data so that it’s securely stored in the cloud. (Here’s how to do it for iPhone and Android devices.) This helps ensure that if the device is lost or stolen, you’ll still have access to important files and settings.

9. Find, lock, and/or erase a missing phone.

So your phone has been lost or stolen. No need to panic! Along with keeping your data backed up (see above), you’ll want to remotely lock the phone. For iPhone, use “Lost Mode” from icloud.com; for newer Android phones, use “Remote Lock,” which lets you lock a phone from another device using your phone number and a security challenge. If you need to remotely wipe (erase) a phone’s data to keep others from accessing it—be sure you’ve got a cloud backup—here’s how to do it for iPhone and Android. Finally, to track the location of a lost or stolen phone, use “Find Devices” for iPhone or “Find My Device” for Android.