By John B. Folkerts, CISSP, Information Security Manager, Canandaigua National Bank & Trust
One of the wonderful things about our mobile devices is the flexibility and convenience of apps that we can easily download onto our phone and tablets. Apps can do all kinds of useful things for us, but in order to be most useful, they may require access to personal information such as your contacts, calendar, phone logs, and location. But do these apps ask for too much access?
Here are some tips to avoid giving away your private information via mobile app:
- Avoid downloading harmful apps. How can you identify what is harmful?
- Only download apps from an authorized app store (Google Play for Android users, and the Apple Store for IOS devices). Avoid downloading from unauthorized websites.
- Who developed the app? Make sure they are a known and reputable source.
- While app stores do some security checking, always read the reviews
- Stay away from apps that only have few downloads
- Check your app permissions.
- Before downloading the app, check the required permissions
- Read the app privacy policy to see how the app provider plans to use your data
- Avoid apps that are vague or silent on how they will use or share your data
- Review app permissions on any installed apps.
- Occasionally app permissions can change, so review what is allowed.
- Pay special attention to contact list, camera, storage, location, and microphone permissions. Do the permissions match what is needed for the app?
- Keep app software up to date to ensure that security vulnerabilities are fixed.
- Delete apps you do not need. This frees up storage space too!
Phone and tablet manufacturers have gone to some lengths to give you more control over the privacy of your data. Make use of those features to control your private information and reduce the risk of a malicious app misusing your data.