Damien Schreurs, owner and founder of EasyTech, during Amcham's luncheon on Monday Delano staff

Damien Schreurs, owner and founder of EasyTech, during Amcham's luncheon on Monday Delano staff

As Schreurs explained, most email on smartphones isn’t even encrypted--one of a number of security threats linked to smartphones. Based on his experience, Schreurs narrowed down three vectors of smartphone security threats: physical access (e.g., via widgets, vocal assistance); close proximity, which includes aspects like near-field communication (NFC), Bluetooth (which can be compromised even from a 50-100 m distance) and wifi; and software and the cloud. 

So how can users protect their devices? Many of the tips Schreurs advises involve common sense--protecting the lock screen, e.g. from pop-up notifications; keeping smartphones up-to-date; performing regular backups; using two-factor authentification; and registering with the “find my device” function as soon as possible, which will be worthwhile if the phone is ever lost or stolen.  

But Schreurs further encourages users to “treat the smartphone as a computer” by utilising a complex password of at least 10-12 characters. He added that using the swipe screen to unlock a device isn’t necessarily safer, given that recent research has shown that 95% of swipe patterns can be cracked in five attempts or less, merely from using various CCTV footage. Similar concerns exist for facial recognition, given that smartphones can be tricked even by photos. 

“Beware of apps, and always prefer renowned developers,” Schreurs adds, explaining that paid or premium access apps should be selected over free ones. “Some of the apps also have fake reviews.”

What may be harder for some users is to turn off all NFC, Bluetooth and wifi when these functions aren’t needed. And, Schreurs says, never jailbreak or root devices, as this can disable built-in security mechanisms.    

When it comes to additional protection, Schreurs suggests using VPN tools, apps such as Tunnel Bear, available for iOS and Android, which prevents IP-based tracking and protects online privacy, as well as allowing users to access global content and bypass local censorship, given that the app changes a user’s virtual location. He also advises using Sophos Mobile, which provides more control over apps on a device via a portal, without having to manage the smartphone itself, something that could be particularly useful for companies with bring-your-own-device policies.