4 minute read
Bill & Phil Gadget of the Month: Privacy Settings for Smart Phones
BILL & PHIL’S GADGET OF THE MONTH By: Bill Ramsey
Neal & Harwell
By: Phil Hampton
Founder and CEO, LogicForce Consulting
PRIVACY SETTINGS FOR SMART PHONES
Our smartphones hold many secrets about us, from where we have been to what we are watching, how much we are walking or even sleeping. The convenience of smart phones in capturing and analyzing so many intricate details of our lives is the very reason that these devices are a huge threat to our personal privacy, something that Americans normally guard zealously. You wouldn’t think about reading aloud the last 5 instant messages you typed on your phone in a crowded coffee shop or displaying the last 5 photos you took on a public display; but you could be effectively leaving yourself vulnerable to this type of privacy invasion by not paying attention to the privacy settings on your smart phone.
With just a little effort, you can protect yourself from unwanted prying eyes accessing your personal data on your smartphone. First and foremost, we highly recommend that you create a PIN or some other method to lock your smartphone when not in use. When you activate the lock screen feature on your phone, you automatically encrypt your phone’s contents. Many phones today will allow you to create a PIN but will also allow you to unlock your phone with a biometric authentication method such as a fingerprint or face ID. We recommend that these features are enabled on your phone as a basic first step.
Another step we highly recommend is to enable twofactor authentication (2FA) on any app or website that offers this enhanced authentication method. With 2FA enabled on Gmail, for example, if you try to login to your Gmail account from an unfamiliar location, 2FA kicks in and sends a security code via SMS text to your phone. When you receive the security code, you type it into the requesting app (Gmail, for example) and the app then allows access. 2FA will essentially block access to your personal apps and data if someone tries to login as you on an unknown device.
Beyond authentication measures, however, there are still other ways to protect your personal data from more surreptitious access attempts. Most phones, both iPhones and Androids, have a Location Services option in the Settings. Locations services are various systems on your phone that can track your physical location, such as GPS, Bluetooth, and cell tower signals. If you wanted to make your phone completely invisible on the grid (as they say), you could just turn off the Location service. But then how would we ever navigate anywhere again as we are totally dependent on our phone’s GPS and Maps app to get around? Apps like Google Maps, Waze, Uber, and Lyft need to have access to our location to function as we expect them to. Other apps, however, may have access to our location without really needing access. We recommend visiting the Location Services setting on your phone and reviewing all the apps that have access to your location. If an app doesn’t need to know where you are, you should turn off access. For example, unless you use the Checkin feature on Facebook, there really isn’t a need for the Facebook app to access your location. So, on your iPhone with iOS14, you would go to Settings->Privacy->Location Services (for the iPhone in general, and for each app specifically).
Similarly, on an Android phone, you would go to Settings->Privacy>Permission Manager->Location, look for apps that have access to your location, and disable access for all but essential apps.
When you open a new app for the first time, it may present you with a number of prompts asking if the app can have access to various services on your phone, such as your location, camera, microphone, contacts, etc. While many quickly answer “Yes” to these prompts thinking that it is necessary for the app to function correctly, we recommend being more picky and only grant access to what is absolutely necessary for the app to work. For example, it makes sense that Facetime or Zoom would request access to your camera; and so, you would grant that access. It doesn’t make sense to us why a retail shopping app would need access to the camera, and so we would be inclined to deny access to that app. Again, these settings for apps that have already been installed can be reviewed and modified in the Privacy settings on your phone.
On the iPhone, a couple of privacy enhancements in iOS14 are noteworthy. Under Settings->Privacy->Bluetooth you can see a list of apps that have access to your phone’s Bluetooth signal. As with all location services, there are some valid reasons for some apps to access your Bluetooth signal; but there are probably many apps that are using your Bluetooth signal to communicate to nearby beacons. Privacy hawks would probably tell you to just turn off Bluetooth all the time until you need to use it. Our stance is to leave Bluetooth on but to disable access to Bluetooth on an app by app basis.
Another noteworthy new feature in iOS14 is the Precise Location setting. In this version of iOS, when an app requests access to your location, there is an option called Precise that you can toggle on or off. A location dependent app, such as Uber, probably needs access to your “precise location” so the Uber driver can find you to pick you up. Other apps which you may grant access to your location, nonetheless, don’t really need to know your “precise location”. In these instances, we recommend leaving the “precise location” option turned off.
While we all give up a little privacy the minute we log on to any connected device, a little due diligence and common sense can limit our exposure on a “need to know” basis and preserve a privacy curtain in the online world.
