In my previous blog post titled, “Why protect your personal and business data on your phone“, I wrote about how your phone in its default state, is a gateway with which your personal and business information can be accessed. It is through the vulnerabilities of a signalling system called SS7 that is being exploited to listen into conversations, steal your information and track your location. For a time, this seemingly high-tech affair used to be the domain of spies and governments, but now the technology is accessible to common criminals. It is easy to see the incentive to gain this capability for any thief who wants to steal money, any predator looking for his next victim or organised criminals looking to harvest information to sell to the black market.
The solution really, is encryption. If our devices encrypted the data that is coming in and going out of them, whatever bits of data that get intercepted will not be readable by anyone else apart from their intended recipient. The issue with this however, is that the Government does not really want to go that path because it closes their access to their citizens’ information too.
We know from the Edward Snowden documents that the US and the UK Governments had been spying on their citizens. This security problem therefore is a dilemma for Governments. Because of this, I nor you, should hold your breath for the Government to seriously do anything about this issue anytime soon. Last time I read about the issue, the US Government tried to discourage big companies like Google and Apple not to proceed with developing encryption technologies for their products, or at least do so in a way that still gives them a privileged access.
Fortunately for us, Google and Apple seem to recognise the company who can give the security and privacy their consumers demand, will have a competitive advantage over others who do not offer encryption. I am therefore happy to see that indeed, they have data encryption on their phones.
I am not sure if I understand this correctly but from my readings so far however, Apple seems to have a limited encryption compared to what Google offers in its Android Operating System. If somebody takes issue with this, they can make their point, link me to the right research paper and I can post their reasoning here. However, at this moment, I am pleased to know that Google already has full data encryption in its latest release of Android (the Lollipop / Android 5.0 ones and over).
I researched on how to minimise this risk for me. In this post, I will tell how you how I went about encrypting the data on my phone to help you secure data on your mobile phone also.
I should say that I have the Samsung Galaxy Note 4 which runs on Google’s Android 5.0 Operating System. So as long as you have an Android phone, the instructions here will be similar to your phone. I will update this article to discuss security on Apple’s iPhones too.
THE NEGATIVES OF ENCRYPTING DATA ON YOUR PHONE
We need to understand and acknowledge the negatives of encrypting data on your phone. Encryption requires some of your phone’s resources and that is usually dependent on your phone’s hardware. Google initially, wanted to encrypt all data on their phones by default but with testing, they found encrypting all data on Nexus phones reduced the phones’ performance somewhat. Knowing my phone hardware specs, this was not going to be an issue.
The encryption works by encrypting the data on your phone with your passcode. I read somewhere that for you to achieve sufficient security, you do need a 16-character passcode. Anything less, was considered relatively easy crack. So I had to make up a 16-character passcode.
The next issue was the thought of me having to type in that code every time I just want to check my email, check my bank balance or send messages. Fortunately, Android has a fingerprint mechanism. So instead of having to type in the 16-character passcode all the time, I can just wipe my fingerprint to open my phone.
The final issue is that once you have encrypted your phone, you cannot undo it. The only way back is to restore your phone back to its Factory Setting!
STEPS TO ENCRYPT DATA ON YOUR PHONE
The first thing I did is to back up my data on the phone using Samsung Kies, a free Samsung app. Once that is done, I would recommend you re-starting your phone just in case there’s any memory allocation or other technical problems.
Ensure you have at least 80% left on your battery charge and plug in your phone to the power outlet. I would charge it all the way to 100% to make sure. The reason for this is because if the encryption process is interrupted, you lose some or all of your data! It may take up to an hour or more. Therefore, make sure you have battery power in case your electricity supply drops out and you are completely reliant on the battery.
Pull down the top menu. Click on the Settings (Gears) Icon.
Look for the Security Options:
Click on Encrypt Device.
Read the warnings to ensure you understand the consequences to encrypt your phone data.
Press the button that says something to the effect of “Encrypt Your Data” and leave your phone alone to do its work.
When it’s done, you are now ready to use your phone. On the Galaxy Note 4, which used up 75% of a 30GB disk space, it took about 10 minutes to encrypt. It was a lot shorter than what I was prepared for.
So that is how you encrypt your data on an Android Phone running on Android 5.0 (Lollipop) onwards!
LINKS ON HOW TO ENCRYPT DATA ON IPHONES
As for iPhones, I will wait until I have some personal experience with it and post my findings. In the meantime, here are a couple of references that might lead you to similar guidelines I provided here for Android.
- How IOS Encryption And Data Protection Work
- How to: Encrypt Your iPhone
- iOS: Understanding data protection
If you think this post will help any people you know, post it on your blogs, tweet it or like it on Facebook or Google Plus.
If you have other references for encrypting data on other phones or operating systems, send us the link to your article or send us your article and we will publish it here.