One Step Ahead: Security and Privacy Made Simple	Print Issue
November 2, 2010, Volume 57, No. 10

Another tip in a series provided by the Offices of Information Systems & Computing and Audit, Compliance & Privacy.

Think Before Downloading Apps to Your Smartphone

Global shipments of smartphones—handheld computers combined with a mobile phone—reportedly reached a record 77 million in the third quarter of 2010. Many of us use these devices to help conduct both our work and personal business in efficient and convenient ways. However, it is important to be aware that as usage of smartphones grows, so do concerns about the privacy and security of the data on those devices.

One area of concern relates to applications, or “apps,” that can be downloaded to smartphones. Recently, a supposed wallpaper app was found to be sending personal identity and other sensitive information from users’ phones to a server controlled by the app developer. In another case, researchers discovered that what looked like a video player app was actually a way for attackers to download malware to phones. The malware caused phones to send text messages to premium numbers, resulting in payments to the bad guys and accumulating charges for the phone account holder.

There are steps you can take to help protect yourself against app-related privacy and security risks, including the following:

Become familiar with the features of your smartphone and use its built-in security components.

Only download applications from trusted sources. Check available information regarding the app developer, not just the site or carrier where the app is available.

Download updates for trusted apps regularly, especially banking and payment apps.

Pay attention to requests (in the form of pop-ups or dialog boxes) that ask for your approval to change permissions settings, and only allow access for trusted apps.

Back up important data to a desktop, laptop or other computer.

Check your billing information every month to see whether there are unrecognized numbers; if so, this could be an indication that malware has been installed on your phone.

For additional useful information see the Privacy Rights Clearinghouse fact sheet at www.privacyrights.org/fs/fs2b-cellprivacy.htm.