8 tips from America's top spy agency on how to keep your phone safe
Here's how to keep private info on your smartphone safe
Our smartphones are prized possessions. They cost a lot and, more importantly, contain a plethora of sensitive, private information, like passwords, credit card numbers, addresses, and potentially pictures of important documents.
With so much precious information on your smartphone, it's important to do everything you can to protect it. If you're not sure where to start, check out the NSA's 8 helpful tips in its new Mobile Device Best Practices list.
1. Update software and apps
According to the NSA, you should "Update the device software and applications as soon as possible." Updates for your phone's native OS and downloaded apps can often contain crucial security updates or bug fixes that keep your phone secure.
If you're not sure how to update your phone's software and apps, check out these helpful guides:
- How to update apps on Android
- How to update apps on iPhone
- Android 15 Beta is here — how to get it on your phone
- How to get iOS 17 — install it on your iPhone now
2. Only install apps from official stores
In addition to keeping your downloaded apps updated, the NSA recommends installing "a minimal number of applications and only ones from official application stores."
For Android phones, the biggest official app store is Google Play. For iPhones, it's the App Store.
When you download apps directly from an official app store, there's an extra layer of protection because Google or Apple has vetted the app. This official vetting process often prevents malicious apps from getting on the app store, but you won't have that same protection when sideloading apps.
Not every deal is worth a squeal. Get only the good stuff from us.
The deal scientists at Laptop Mag won't direct you to measly discounts. We ensure you'll only get the laptop and tech sales that are worth shouting about -- delivered directly to your inbox this holiday season.
3. Do not connect to public wifi
Connecting to a public Wi-Fi network puts you at risk because you could share the same network with a hacker. The NSA writes, "DO NOT connect to public Wi-Fi networks," in bold text to emphasize the importance of this tip.
Furthermore, the NSA recommends disabling your phone's Wi-Fi when it's not needed and deleting unused Wi-Fi networks from your phone. If your phone is set to connect to available networks automatically, these last two tips can prevent unknowingly connecting to a public network.
If you frequently need to connect to public Wi-Fi, consider investing in one of the best phone VPN services to boost your protection.
4. Do not click links or open attachments
This tip may be the most obvious, but it's still crucial to mention. If you receive a link or an attachment in an email or a message on your phone that you weren't expecting or looks suspicious, don't open it.
The NSA points out that " even legitimate senders can pass on malicious content accidentally or as the result of being compromised or impersonated by a malicious actor." So, even if you're used to receiving random article links from your mom or friend, it's important to look at the link before clicking on it.
If you spot a typo in a well-known website name, a random string of characters before the address's .com ending, or anything suspicious, don't open the link.
5. Turn device off and on weekly
One of the most interesting (and potentially most unknown) tips for keeping your phone safe is simply turning it off and back on every week.
USA Today writes that turning your device off and back on "can thwart hackers from stealing information from smartphones." Bill Marczak, a senior researcher at Citizen Lab, says that it's possible that hackers "could simply send another zero-click" after rebooting your phone. Still, it's a quick security trick that could make some hackers leave your phone alone.
6. Lock device with PIN
Most people I know have a PIN on their phones, but it's worth setting up if you don't. Entering a PIN only takes a few seconds, and the security boost you get in exchange is worth it.
The NSA advises: "A 6-digit PIN is sufficient if the device wipes itself after ten incorrect password attempts."
And before you default to using your birthday as an easy 6-digit PIN to remember, think twice. Guessing your birthday would be a hacker's first instinct, so come up with a unique 6-digit PIN. If you're worried you won't remember it right away, write it down or share it with a close friend or partner to whom you'll give it anyway.
You should also "Set the device to lock automatically after 5 minutes," according to the NSA.
7. Maintain physical control of device
This tip is about more than just physically holding onto your device and being careful not to lose it. While that is important, the NSA also writes, "Avoid connecting to unknown removable media."
Connecting your phone to your laptop to transfer photos, videos, and other files is one thing. But connecting your phone to an external hard drive you found on the street? Don't do that. Other "removable media" examples include memory cards and USB flash drives.
8. Use trusted accessories
According to the NSA, "Only use original charging cords or charging accessories purchased from a trusted manufacturer."
This means you should stay away from connecting to public charging stations. Through a compromised USB port, a malicious actor could potentially lock you out of your phone, export your data, or see your passwords and other sensitive data.
Outlook
Sometimes, life happens. It's impossible to predict someone stealing your phone on a random Tuesday or any other unfortunate situation that could compromise your data. However, you can do everything to safeguard your phone and all its sensitive data.
In addition to the 8 top tips above, the NSA also recommends the following:
- Disabling Bluetooth when you're not using it
- Investing in a protective case that "drowns the microphone to block room audio (hot-miking attack)"
- Covering your camera when you're not using it
- Not having "sensitive conversations in the vicinity of mobile devices not configured to handle secure voice"
- Using Biometrics authentication, like fingerprint or face authentication
- Disabling location services when they're not needed
- Not jailbreaking or rooting your device
Luckily, built-in protections for iPhones and Android phones are improving, but they're not always perfect. New malware still pops up every few months, so it's important to enact these security tips to keep your phone as protected as possible.
Sarah Chaney is a freelance tech writer with five years of experience across multiple outlets, including Mashable, How-To Geek, MakeUseOf, Tom’s Guide, and of course, Laptop Mag. She loves reviewing the latest gadgets, from inventive robot vacuums to new laptops, wearables, and anything PC-related. When she's not writing, she's probably playing a video game, exploring the outdoors, or listening to her current favorite song or album on repeat.