There is a good chance that you spend more time interacting with your internet world on your smartphone than on any other device. Let’s see how you can improve your iPhone and iPad security.
1. Keep your iPhone (and iPad) up to date
It may seem obvious, but keeping your iPhone (or iPad) up to date is one of the most important things you can do in terms of security. Security issues are often found in iOS, and once they’re public, that means they’re ready for exploitation. Apple regularly fixes these holes with optional updates.
You can turn on automatic updates in Settings > General > Software Update so you no longer have to install one of these updates manually. Your phone will automatically install any updates to the current version of iOS while you sleep.
You still have to manually update your iPhone to the next basic iOS versions (for example, from iOS 13 to iOS 14) when the time comes. This is by design, and it means you can delay the update if you’re concerned about the teething issues that come with every new major version of iOS.
2. Use a secure passcode and Face ID or Touch ID
You may already be using Face ID or Touch ID to unlock your device with your picture or fingerprint, but how secure is your passcode? The passcode is the Achilles heel of your device if someone has a phone or tablet in hand. It’s the only thing stopping a potential spy from gaining access to your entire digital life.
With the advent of biometrics like Face ID and Touch ID, unlocking your iPhone is easier than ever. As a result, you must make it harder for everyone who is not you. This means setting a longer, less predictable numeric passcode or even a password that uses more than letters. You will still need to enter this from time to time, such as when your device reboots, but not often enough for it to be draggable.
Go to Settings > Face ID & Passcode (or Settings > Touch ID & Passcode or just Settings > Passcode depending on your device) and select Change Passcode. When prompted to enter a new password, click «Password Options» at the bottom of the screen. Here you can use the «User Alphanumeric Code», which we usually refer to as the password.
3. Protect your lock screen
Your lock screen can give away many of your secrets. If you receive a text message, it is visible to everyone. If you ask Siri to read your last message or email, the assistant will. You can even reply to messages and access default smart home controls.
Because it’s so easy to unlock your iPhone or iPad, there’s no need to give away so much information while the device is locked. Go to Settings > Face ID & Passcode (or Touch ID & Passcode, depending on your device) and turn off any services that other users shouldn’t access from the lock screen.
If you want to hide incoming notifications until your device is unlocked, you can do so in Settings > Notifications > Show Previews > When Unlocked. This is very handy on a device with Face ID as all you have to do is look at your phone and your advance notifications will appear. This is less convenient for devices with Touch ID, as you have to physically authenticate with your finger.
4. Don’t open shady links
In August 2019, researchers at Google’s Project Zero announced that they had uncovered several compromised websites that used vulnerabilities in iOS to install spyware on devices. Apple fixed the vulnerabilities, but it is estimated that thousands of users hacked their devices within a few months.
Spyware can reportedly leave Apple’s sandbox and gain access to credentials and authentication tokens. Contacts, photos, the user’s current GPS location, and messages sent via services such as iMessage and WhatsApp were sent back to the server once a minute. This is the first exploit of its kind on iOS, but there is no way to say that it will be the last.
Be careful when clicking on strange links in emails or text messages that you don’t recognize. URLs shortened by services like Bit.ly are ready to use. Apple may have closed these security holes, but vulnerabilities are a fact of life when it comes to software development. It is possible that such exploits may appear again in the future.
We’re not saying you should be afraid to click on links, but it’s better to be careful and stay away from shady sites. Fancy links in emails or text messages from strangers can lead you to phishing websites that also try to scam you.
5. Make sure «Find Me» is turned on
Find My is the new name for a service that allows you to track both your devices and friends. Formerly called Find My iPhone or Find My iPad, it will let you not only find your device on a map, but also send a beep, lock your device, and in the worst case, wipe it remotely. , removing all your personal data from it.
Most people should have this enabled by default, but many of us forget to re-enable it after a device restore or software restore. Go to Settings> [Ваше имя]> Find mine and make sure the service is enabled. You can then sign in to iCloud.com, click Find My, and see your iPhone listed along with any other Apple devices associated with your Apple ID.
6. Avoid using unsecured public Wi-Fi
If you’re not taking steps to secure your internet traffic, avoid public Wi-Fi networks so you don’t fall victim to an attack. Rogues can use these services to carry out man-in-the-middle attacks where they position themselves between you and the wider internet. They then hijack web traffic, messages, and any other communication between you and the online world.
The problem is so severe that some public Wi-Fi hotspots are set up by attackers solely for this reason. They are hoping to get login credentials, payment details, personal information, and anything else that might be of any value or benefit to them.
Go to Settings > Wi-Fi and set «Auto Join Hotspot» to get prompts when you connect to a new hotspot. When this setting is set to Automatic, your iPhone can automatically connect to public hotspots.
7. Use a VPN
A virtual private network protects your online habits from prying eyes by encrypting your internet traffic at each end. When traffic leaves your device, it is encrypted, sent via VPN to the Internet, and then decrypted when it reaches its destination. The same thing happens on the way back, where the VPN acts as a tunnel of sorts to obfuscate your data.
We recommend using a VPN on public Wi-Fi hotspots. With a VPN, you can use public Wi-Fi without worry because your traffic is encrypted and useless to any listeners.
The easiest way to use a VPN on your iPhone is to download your VPN provider’s app and follow the instructions. You can also use a VPN to access geo-restricted content and bypass online restrictions imposed by governments (though you should only attempt the latter if you know the authorities can’t detect your VPN).
8. Don’t jailbreak your iPhone
Jailbreaking is the installation of modified firmware on an iOS device to remove Apple restrictions. If you jailbreak your device, you can change the basic actions of iOS, install software from third-party sources, and gain seamless root access to the operating system.
This leaves your device in a vulnerable state. You can install not only funny little tweaks that change the behavior of iOS, but also malware that tries to harm your device or compromise its security. When you jailbreak, you are giving up some of the most important aspects of iPhone security, most notably the App Store.
But that’s not all. Some apps will not work on jailbroken devices, especially those from financial institutions such as banks and online payment processors. If Apple catches that your iPhone is running a modified operating system, you could say goodbye to your warranty. You can remove the jailbreak by restoring your iPhone using a Mac or PC, but it’s not clear if Apple can tell you what you’ve done in the past.
9. Be Careful About Granting Permissions
On an iPhone or iPad, apps should ask you before they can access your location, contacts, photos, files, camera, Bluetooth radio, and more. You can deny access if you wish. This can break some apps — for example, if you download a third-party camera app and deny it access to your iPhone’s camera, you won’t be able to take pictures.
Many applications request access to these resources and only need it for certain functions. For example, an app might request access to your contacts to find friends you can invite to the app. The app may request detailed location permissions to find stores near you. In both cases, you can avoid sharing the application. For example, you can manually enter an address near you to find nearby shops instead of entering your exact location. Or you can give the app access to your physical location only once.
Before granting access to an application, consider whether you really want it to have this data. This will help increase the security of your data. For example, an app that uploads your contacts to its servers may subsequently compromise those servers and leak your contacts. By choosing to be careful about what you share, you minimize that risk and increase your privacy.
10. Check your privacy settings regularly
Once you access this application, you may forget that you did it.
Go to Settings > Privacy to view your permissions. You can also go to settings, scroll down until you find the app you want to view and see all permissions (and any other related settings) on one screen.
It’s a good idea to review your privacy and security settings regularly, just to make sure everything is to your liking. If you’re wondering where to start, we’ve created an iPhone privacy settings checklist.