10 Defenses Against Smartphone Theft - InformationWeek
Mobile // Mobile Business
10:34 AM
Connect Directly
Open Source Security for Containers in a DevOps World
Dec 07, 2017
Managing container infrastructure in a production environment is challenged by problems of scale. ...Read More>>

10 Defenses Against Smartphone Theft

Thieves see mobile phones as easy cash. Take these 10 steps to defend yourself.

10 Best Tablets Of 2013
10 Best Tablets Of 2013
(click image for larger view)

In major US cities, 30% to 40% of thefts involve mobile phones, according to the Federal Communications Commission. In some cities, the percentage is higher: In New York, it's over 40%, and in San Francisco, the figure is about 50%.

To help keep smartphone owners safe -- because some thefts have resulted in the injury or death of the victim -- New York Attorney General Eric Schneiderman and San Francisco District Attorney George Gascon are backing a Samsung proposal for an opt-out kill switch.

Samsung wants to include the Absolute LoJack software on all its phones so they can be rendered inoperable from afar. It ships the code as firmware in its Galaxy S4 and Galaxy Tab 3, so the security program can survive a factory reset.

Wireless carriers have rejected Samsung's proposal, citing the risk that hackers could find a way to disable people's phones. But according to the Associated Press, Samsung provided email evidence to the San Francisco District Attorney's office that Gascon said, "suggest[s] that the carriers are rejecting a technological solution so they can continue to shake down their customers for billions of dollars in (theft) insurance premiums."

Apple's iPhone employs its own software-based kill switch in the form of its Find My iPhone software. The company recently added its Activation Lock as part of iOS 7 to prevent Find My iPhone from being disabled, and introduced its Touch ID fingerprint sensor in the iPhone 5S to provide better security than the typical password.

Gascon and Schneiderman have recommended several actions individuals can take to mitigate the risk of "Apple picking," the perversely brand-specific term used to describe mobile phone theft. We at InformationWeek have a few recommendations of our own as well. Here are 10 ways in countdown order to avoid phone theft.

10) Use security applications
Android phones and iPhones both come with security software. But that doesn't mean the software is active, or that third-party software might not help even more. If you have an Android phone, make sure you're using Android Device Manager or a third-party security software such as Lookout Security & Antivirus. If you have an iPhone, make sure Find My iPhone has been set up and activated.

9) Use a strong password
Too many people just give up when it comes to passwords, access codes, and PINs. They pick something such as "password" or "qwerty" or "1234." Raise the level of your game: Come up with a functional password generation recipe, then apply it to your devices and websites. You don't need a password manager. This is not rocket science.

Here's one way to do it: Take the last letter in a website's domain or a device's manufacturer ("k" from "informationweek.com"), a punctuation mark ("?"), and a phrase, like lyrics from a song ("Here comes the sun," in the song of the same name by The Beatles, but capitalized). Then string them together in a pattern you can remember, replacing at least one vowel with a number, like the letter "o" with the number "0". The result is "k?HereC0mesTheSun?k" -- a reasonably strong password that will be different for most websites. Or develop your own system. Just make it memorable and commit to it.

8) Keep phone data handy
Write down your phone model number, serial number, and International Mobile Equipment Identifier (IMEI). If your phone gets stolen, you'll want these numbers (along with your mobile carrier's support phone number) to help your carrier place your IMEI number on the GSMA IMEI blacklist. You can find your IMEI number in most phone settings menus by dialing *#06#, or by checking the battery compartment, if accessible.

7) Be aware of your surroundings
We've all seen them. People who meander down the sidewalk, staring at their phones, forcing others to take evasive action to avoid a collision. People chatting on phones oblivious to those nearby. People who set their phones down on cafe tables or on public transit seats. People who let their phones dangle from purse or pocket. Don't be one of these people.

6) React quickly if your phone is stolen
Report the theft to the local police. This will allow police to check websites that might be trying to unload your stolen phone and will provide you with a police report in case you want to make an insurance claim. Report the theft to your mobile carrier, so your phone service can be suspended and the phone's identifier can be blacklisted. Activate any applicable security software such as Find My iPhone or Lookout. You might also want to change your phone and app passwords, in case the thief was able to login and access some of the services you use through stored passwords. If you're really lucky, your phone's security software will help you recover your device.

5) Choose your phone to match your security expertise
Google executive chairman Eric Schmidt recently insisted that Android phones are more secure than Apple's iPhone. That might be true if you're talking about recent-model Android phones with the Android 4.4 "KitKat" operating system. But security experts scoff at Schmidt's claim. The reality is that the majority of mobile malware affects Android devices.

In August, the FBI and DHS issued a report that found 79% of mobile malware affected Android devices, 19% affected Symbian devices, and less than 1% affected BlackBerry, iOS, or Windows Phone devices. Android's troubles largely arise from the fact that as many as 44% of Android users worldwide rely on Android versions 2.3.3 to 2.3.7, which have known vulnerabilities. So although it's possible to run Android securely, it requires more diligence. Choose BlackBerry, iOS, or Windows Phone if you don't want to be proactive about security. Choose Android if you require the flexibility of a more-open ecosystem and are comfortable with the responsibility.

4) Choose your WiFi network carefully
Just because a WiFi network is visible and accessible doesn't mean it's safe. Use secure WiFi networks when possible. When there's no other option, avoid doing anything that involves authentication if you can. You never know who might be listening or intercepting unprotected network traffic.

3) Choose your apps and websites carefully
User behavior represents a major source of insecurity. If you can avoid downloading sketchy apps and visiting suspect websites, you will reduce your chances of acquiring malware. Security firm Trend Micro says it has analyzed 3.7 million Android apps and updates, and found 18% to be malicious, with an additional 13% categorized as high risk. Almost half of the malicious apps (46%) were acquired from Google Play, the company says.

2) Don't buy phone insurance
If the mobile carriers really are fighting pre-installed security software to sustain revenue from insurance premiums, you can fight back by refusing to participate. Carrying your expensive smartphone without an insurance net should also encourage you to guard your phone more carefully. Of course, you'll be wishing you had insurance when your phone slips from your pocket and fracture lines spread across the touchscreen...

1) Leave your phone at home
It's easier said than done. But you can't lose what you don't have. Shocking though it may be, people used to get by without mobile phones. Try it once in while, if only to highlight your device addiction.

Making decisions based on flashy macro trends while ignoring "little data" fundamentals is a recipe for failure. Also in the new, all-digital Blinded By Big Data issue of InformationWeek: How Coke Bottling's CIO manages mobile strategy. (Free registration required.)

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
<<   <   Page 3 / 3
User Rank: Apprentice
11/27/2013 | 3:23:55 PM
Re: Wake up, people
It's all about greeds.  Wireless carriers won't do anything when you report lost phone.   Carriers know the "serial number", IMEI, of each activated phone; they just simply don't care about your lost.  You may google the internet and find out how Australia handles the stolen/lost phones.
User Rank: Ninja
11/27/2013 | 2:58:18 PM
Re: Wake up, people
What a whole scam on the insurance bit! I never even realized that these wireless carriers that try to be all cute and cuddly on television commercials are fleecing people in the form of this ridiculous insurance. 

Okay, it does make sens for people who are using their devices in harsh environments or are perhaps a little more clumsy than the norm, but what about all of the rest of the people paying these premiums and geeting ripped off as a result?
User Rank: Strategist
11/27/2013 | 2:04:09 PM
Re: Wake up, people
What about those looking at their phones so intently they bump into you on the sidewalk, or walk into traffic at the intersection, not looking or even realizing they are no longer on the sidewalk! 

I recently saw a guy in his 20's listening to music with earbuds walk into a busy 2 lane road.  He stayed on the center line about 100 ft, never looking back for traffic that was approaching him from a signal light that turned green in his direction, then he slowly moved to the center of the lane for another 150-200 ft before angling towards the curb and sidewalk.  It was almost dark then and a miracle he was not run down by someone who didn't expect a pedestrian in the lane!  This was 1 block from a Calif State University campus in an area where students park in a residental neighborhood to avoid paying for parking on campus.  I though about honking my horn as I passed, but that might have caused him to make a bad maneuver and get hurt.
User Rank: Author
11/27/2013 | 1:41:53 PM
Data vs Devices
The sooner we move to smart phones that rely on data kept in the cloud instead of on their devices, the better.  InformationWeek contributor Ashok Sankar, who works with the Defense Department's classified data networks, makes a good case about that elsewhere on the site. See "Keep Data Off Mobile Devices & Away From Adversaries" by Ashok Sankar http://add.vc/fZy #

User Rank: Ninja
11/27/2013 | 1:27:39 PM
Re: Wake up, people
Thomas, you are so right, it's great to raise the issue so that maybe some people will at least start to think about it.

I wonder if it's a good guess that, with cloud computing becoming an ever greater factor in everyone's digital life, more and more of the overall expense of using these these devices will be in various subscriptions to different online services and programs, and less and less in the physical device itself? That way, loss of the device will be less costly, and less profitable to any malefactor.
Thomas Claburn
Thomas Claburn,
User Rank: Author
11/27/2013 | 1:15:25 PM
Re: Wake up, people
>No software program can protect someone from their own stupidity

But hopefully raising the issue can make people more aware without the wake-up call of being victimized.
User Rank: Author
11/27/2013 | 1:02:50 PM
Find My iPhone
The first time you leave the iphone somewhere public, you realize the value of having this option -- and having password protected the phone. And you will leave it somewhere. It is a matter of when, not if.
User Rank: Ninja
11/27/2013 | 12:47:06 PM
Wake up, people
I find it simply amazing that people on the street completely ignore their surroundings and allow themselves to become as absorbed in their cell phone conversations as if they were safely ensconsed in the safety of their own homes. These devices can cost $500 and more; they are almost as good as cash, and these people are setting themseves up for a mugging. No software program can protect someone from their own stupidity
<<   <   Page 3 / 3
Register for InformationWeek Newsletters
White Papers
Current Issue
Digital Transformation Myths & Truths
Transformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll