Let’s face it, mobile devices (smartphones, in particular) have become a very personal piece of technology in our lives. In fact, most of us will not leave home without our phone (or we immediately turn around to get it if we did). This attachment doesn’t go unnoticed as our children observe and learn from our interaction with our devices. And, in most cases, our ‘digital native’ children are already using tech devices of their own by their toddler years.
Like any other technology, our mobile devices come with their own set of risks. And to make this even more interesting, the lines between ‘mobile’ devices and any other internet-connected device are getting more and more blurry. That said, consider similar controls for devices such as desktop computers, laptops, gaming consoles, TVs, movie streaming devices, and even internet-accessible toys. Read my blog I don’t speak ‘techy’ – what should I really care about? for more info on risks.
That said, let’s jump right into seven (7) common device security and privacy controls and capabilities, so that we can put better protections around both our own as well as our children’s devices.
1. Lock your devices
This is a pretty simple, yet crucial, step in your plan and it starts with just enabling strong passcodes and set your phone to auto-lock immediately. When I say strong, I’d suggest using at least a 6-digit # (not your birthday). You may also consider moving to an alphanumeric passphrase (letters and numbers). I’d also shy away from setting a 5, 10 or 15 minute idle time period before your device locks (lock it immediately). If you leave your phone somewhere and it falls into the wrong hands before it locks a criminal could have access to everything inside of your phone (email, messages, apps, data, photos, and any connected services e.g. social media, ).
Regardless of the various debates around the use of thumbprints to unlock your devices, I (personally) still recommend it. This can encourage us to use stronger (harder to guess) passcodes or passphrases since you’re not typing it as often. And, you’re allowing much quicker access to your device by storing and using your thumbprint to unlock and access. . . one thumb on the button or screen and we’re in! We’ll discuss more around the debates of thumbprints and biometric authentication in future discussions (much deeper topic). I’d also suggest that you do your own homework.
2. Use two-factor authentication, where possible
Everywhere that you are using a username and password; whether it be apps or websites (e.g. banking, social media, email, file storage, etc.), consider enabling two-factor authentication if supported by your respective service providers. Most still use text messages to send you a PIN upon successful login with your username and password (this method is slowly becoming deprecated). Whereas, others may provide you a second app typically referred to as an authentication app. These features simply help you to limit someone from stealing your credentials (username and password) and accessing your online accounts without your second factor of authentication (e.g. a PIN # texted to your personal mobile phone, etc.).
3. Deny or remove unnecessary app permissions
Which apps on your device have permission to access things like your microphone, location, contacts, etc.? For example, you should know if apps use your device location to track where you are at any given time. You will also want to know how often they can they use that information. For instance, should a flashlight app have access to your location, microphone or contacts? Should a maps app use your location even when the app is closed and not in use? Apple and, more recently, Android both have methods of alerting you (requiring approval) for permissions to native services like location, contacts, camera, etc. by apps when they are first installed or anytime thereafter. Likewise, Instagram should ask you before it get’s access to your contacts list in order to find potential friends, thus providing you with the decision of whether you think that is something you’re ok with sharing.
4. Stay on top of software updates
Software updates for your device and associated apps include more than just new features; they include security patches that protect the integrity of your device and data. Its best to download and install updates as soon as they are released to avoid falling victim to a newly exposed vulnerability that may affect your tech. If you’re device supports automatically downloading and installing updates, then I’d suggest you turn it on.
5. Limit app downloads to reputable sources
It’s worth noting that, for Androids, you’ll want to verify that you’re restricting the ability to install software from only trusted, known app stores e.g. Google Play. On the other hand, Apple iOS devices restrict all downloads via the Apple App Store. Now, this doesn’t mean that there aren’t bad/malicious apps that get through the app store security reviews, but it helps to minimize your risk. It’s wise to always do your homework on any apps that you’re about to download. There are some great resources for parents to quickly get information on apps and other media. See our Media & Age Ratings page for guidance.
6. Take Advantage of Parental Controls
Hallelujah! Parental controls (on most devices, apps and online services) are finally getting better! This has been (and in some cases, still is) dearly lacking in smartphones, tablets, gaming consoles, streaming TV and music subscriptions, etc.. What does that mean for you? You may not have to jump to the typical knee-jerk reaction of going out and buying a magical 3rd party product to do simple things such as restrict or filter adult websites and content, review downloads, disable apps or unwanted features, etc. Don’t get me wrong, there are a ton of options for add-on parental controls and monitoring on the market, but they all tend to come with their own set risks. Generally, I’d just say to lead with native (built-in) controls where possible and consider the risks where gaps may exist; then you may compare some of the more reputable add-on parental apps and/or devices as needed.
As an example of “native” parental controls, iPhones and iPads have a feature called “Restrictions” under the “General” settings; this is your device’s built-in Parental Controls. See Parental Controls for more detailed information on options, setup guides, etc. across various device types (Android, Microsoft ,Apple, etc.).
Another parental control worth noting is that Apple, Microsoft and Google provide you with the ability to manage all of your family devices (phones, tablets, computers) in a single view. This helps you to establish a family-wide policy for things like reviews and approval for any app downloads, or other purchases made (e.g. apps, music, movies, etc.), etc.. Honestly, requiring approvals on all downloads has been a great excuse for me to initiate a discussion on any of my children’s downloads despite their age.
7. Find my child’s devices
Enable the option for your phones, tablets and computers to be located from a centralized website or connected device, particularly when using the more mainstream providers (e.g. Apple iCloud, Google Play, Microsoft). And, yes, this could be seen as a bit of a paradox when talking privacy while recommending you give your location away to a cloud service at any given time. Obviously, I’d struggle to recommend this type of location feature with just any cloud service, but I find the few I’ve listed to be especially helpful. Examples of this feature are “Find my iPhone” or “Find my Mac”, etc. for Apple devices and “Find my Device”, for Google Android. This will help you to be able to identify where your child’s phone is located at any given time, while also increasing your chances of finding a lost or stolen device. Some providers even use these types of features to prevent the device from being used by someone else if it is stolen (see the following support article as an example: If your iPhone, iPad, or iPod touch is lost or stolen)
Some of this can feel a bit overwhelming, but my hope is that you see how imperative it is that we, as parents, remain active our children’s digitally-connected lives; despite the time and energy it takes. Remember, with these always-on, internet-accessible devices, our children have an overwhelming amount of data (alerts, notifications, messages, advertisements, news) coming at them, and information (on practically any topic we can dream up) is accessible to them at any given time.
MARK SCALIA 