We (hopefully) do it several times a day and learn it from an early age: Washing our hands. You can find out why we should approach and internalize the topic of data protection in a similar way here.
Why data protection is an intuitive part of everyday life
Nobody seriously questions hand washing anymore. As a child, you are taught early on to wash your hands regularly, especially before eating, to protect yourself from infections, germs and other things. We may forget from time to time, but fortunately it has become a matter of course.
Something we do several times a day, probably even more often than washing our hands: using our smartphone. In addition to the display as a germ slinger, the worse “data protection germs” are hidden behind it in the installed apps that access numerous (personal) data.
Data security & data protection on cell phones
An app is quickly downloaded and as a user you usually don’t give much thought to the consequences: what data and communication channels does the app access? What exactly does it say in the depths of the (rarely read) terms of use? Does the app access contact data, for example? Who does the data go to and where is it stored (temporarily or even permanently)?
For the user, the functionalities of apps take center stage. If an app is also cheap or even free, it is tempting to be careless. As a result, many apps end up on people’s cell phones without them thinking about “IT hygiene”. Or to stick with the metaphor of washing your hands: you sit down at the table without washing them.
For private cell phone use, it may still play a subordinate role where which data ends up. “I have nothing to hide” or “who cares where I went for a walk yesterday” are common arguments, but they come back to haunt us at the latest when private data is made public or we become victims of identity theft. Recent data leaks such as “collection #1 – #5” (millions of email addresses and passwords published) or the doxing of German politicians in December 2018 show just how quickly this can happen and what dimensions can be reached.
If you use a company cell phone or occasionally use a private smartphone for business tasks such as emails, it’s a completely different story. Such “dirty apps”, which collect and use extensive data, can quickly have damaging consequences for business. For example, when calendar, movement and contact data reveal who is meeting whom, where and for how long. Big data experts can extract a great deal of information from such metadata and use it accordingly.
GDPR & data protection
In addition to security risks, legal risks when using mobile devices should also be taken into account and included in regular hand washing. For example, the GDPR stipulates a strict separation of business and private data, which becomes difficult if employees use apps for both. This is because, from a legal perspective, neither the provisions on data protection, copyright protection nor retention obligations are guaranteed. You can find out what you need to bear in mind in the article on mobile working under the GDPR.
How to increase data protection on your cell phone
“IT hygiene” is therefore particularly important on mobile devices. Washing your hands should therefore be an automatic part of every app installation. And regular spring cleaning is also a good way to get rid of data dirt on your smartphone and to think about why and for what purpose you have certain apps or data on your smartphone and whether they are really useful.
Summary: how to increase data protection on your smartphone:
- When reinstalling an app, check and ask which authorizations are required
- If the app does not work without permissions: look for alternatives that request less data
- Separate private and business data cleanly
- Regular check: which apps do you use, which can you delete? For which apps can permissions be restricted?
- Update apps regularly
- Only download apps from the official stores
Especially when it comes to mobile working on smartphones, a lax approach to data security and data protection on cell phones can have far-reaching consequences. One solution is to use a container app such as SecurePIM to clearly separate private and business data.