7 easy rules for protecting your phone

The no-nonsense T3 guide to smartphone safety

If you think about it, there's a lot of sensitive and private information on your phone - from the Snapchats you get from your friends to emails from your doctor to access to your bank accounts (if you've taken the plunge and installed your bank's latest clunky mobile app).

Losing your phone and having it stolen isn't just about the cost of the hardware, though that can run into hundreds of pounds, but also about all the stuff you've got on there. It's vital that you keep your mobile well protected, and these simple guidelines should help.

Read more: Apple iPhone XR review: a brilliant balance of polish, features and price

1. Set up a PIN code


Some of you would never dream of keeping your phone unlocked and accessible to whoever came across it, but the statistics show an alarming number of users still don't bother with a lock screen PIN, pattern or something similar (like Touch ID protection).

Whatever you're gaining in convenience by not having to unlock your phone, you're losing in safety and security - without a PIN or fingerprint sensor protecting your mobile, anyone could browse through your photos, send emails from your inbox, post to your Facebook page, delete your Dropbox files and more.

Whenever you get a new phone, a PIN or pattern or whatever kind of lock screen security you prefer should be your very first move.

2. Set up two-step verification

Two step

This is more about protection for your apps rather than stopping people from getting on your phone (see the first item in this list) - it acts as a useful extra layer of security and means even if someone has your username and password they can't log into your social media or mobile accounts.

Two-step verification (or authentication) should be switched on for every account that supports it, including Google, Apple, Facebook, Twitter and many more.

The extra protection is usually in the form of a code send to your phone, which obviously isn't much use if your phone has been stolen and accessed. However, it does mean it's harder for your login credentials to be used on other devices after you've recovered your phone or if it was accessed for just a short time.

3. Set up a remote phone finder service


Both Google and Apple now have comprehensive remote phone finder services, which you should opt to switch on when you set up your devices.

If you need to configure it later, look in the Settings app for your phone: on the latest versions of Android, the Android Device Manager is in the Security menu under Device administrators. On iPhones, go to the iCloud menu and look for Find My Phone.

You can then track your device on a map from the web or from any other device linked to the same account, but location-tracking isn't the most important feature: you also have the opportunity to remotely lock or wipe your phone with a click.

4. Protect particular groups of files


Some apps on your phone (mostly those where you might store sensitive information) come with a PIN lock of their own - it's worth switching this on as another obstacle for would-be hackers to overcome.

It's available in the premium versions of Evernote, for example.

If this sort of functionality isn't already built into the operating system running on your phone then you can add it with the aid of a third-party app. There are plenty to choose from but Keeper and Lock Applock are a couple of the most impressive.

These sort of apps can also be useful if you have friends or kids wanting to borrow your phone for a little while, as they protect your most private files.

5. Beware of free Wi-Fi


If you can live without Wi-Fi - and in these days of 4G (and 5G) speeds and cheap data plans, you might be able to more easily than you think - it's usually best to never connect to a public wireless network at all.

That's not to say your local coffee shop is spying on your browsing activity but networks that anyone can hook up are inherently less secure than the one you've got at home. Be cautious about which networks you connect to and the sites and services you visit while you're online.

For the really paranoid, a VPN app can help to keep your data protected while you're browsing on public Wi-Fi networks.

6. Stick to approved app stores

Android apps

Many a smartphone scare comes through apps that aren't available on the Apple App Store or the Google Play Store - if you choose to get your apps from alternative sources (usually via rooting or jailbreaking your phone) then you need to be very, very careful about what you're installing and be sure you know what you're doing.

Even with apps from the official stores, you should always double-check the permissions they're asking for and remove them when they're no longer needed - the more apps you have sitting around collecting (virtual) dust, the greater your exposure if one of these apps or servers connected to them should be targeted by hackers.

7. Keep your software updated

iOS apps

Don't neglect updates that you see for either the mobile OS you're using or the apps that run on top of it: very often these updates will include important security patches designed to keep you protected against the latest threats. Updates are so important that both Google and Apple now make it very hard for you to ignore or opt out of them.

You need to take a vigilant approach across all your devices too: not just the phone you use every day but also the tablet sat in the drawer for most of the time (because it's probably got the same key apps installed as your phone has).