Photo submitted
Photo submitted

Monday is Iowa Data Privacy Day and smartphones present one the greatest data privacy risks, both to individuals and to businesses.

To date, more than 1 billion smartphones have been sold, and another billion are projected to be sold this year alone.

Each of these phones can hold up to two gigabytes of information, a large portion of which is personal. Some of this personal, private data belongs to the smartphone owner; some to others, including customers and co-workers. Recently, several smartphone privacy breaches have had serious ramifications for the victimized companies. So Monday would be a good day to set aside time to secure your smartphone with these 12 simple steps:

1. Use passwords, PINs and passcodes. Set these for operation of your smartphone, as well as for those applications and sites you use. Be sure they cannot be easily guessed and that they are unique to your smartphone (i.e.: not also used for social networking or for access to your employer’s network). Never store clear text passwords on your smartphone.

2. Encrypt the data on your smartphone.

3. Do not store more data on your smartphone than is necessary. Check your settings to make sure you aren’t automatically saving copies of emails, text messages or documents.

4. Do not store sensitive or personal business, customer, employee or colleague data on personal devices.

5. Install remote wipe software on your smartphone, in case it is lost or stolen. Some smartphone vendors provide this service for a fee.

6. Install smartphone firewalls. Many smartphones come with firewalls built in, but these typically are not activated by default.

7. Use anti-malware protection. As with firewalls, many smartphones come with anti-malware programs installed, but not activated. Security vendors and some wireless companies offer free anti-malware.

8. Use tracking tools wisely. Know your geotagging settings on the apps you use and change them if they are tracking more than you want. If an app does not provide information about how it uses or shares geotags, download with extreme caution. Enable your GPS only when you really need to have your whereabouts broadcast to others.

9. Read the policies of apps before you download them. Look for other entities that will be gaining access to the data they collect from you and your phone. Check to see if they will be accessing the data directly on your smartphone, and if they are going to take any of it and use it for their own purposes.

10. Never set your smartphone to auto-login to your social media or other sites.

11. Every two months, review what is stored on your smartphone. Delete all files, photos and videos you don’t need and all apps you don’t use. Reset your sharing and tracking settings if you see they’ve changed.

12. When discarding old smartphones. make sure you have removed all personal data and data belonging to your employer.

Rebecca Herold is The Privacy Professor, an Iowa-based information privacy, security and compliance consultant. She can be reached at