People tend to be lax when it comes to staying up to date with the latest smartphone developments. However, it’s sensible to learn why old phones are a security risk and how to stay protected from potential threats. This article lists some of the most recommended security tools to look out for.
For years, people had been clamoring to get their hands on the latest model of their favorite phone manufacturer. Sitting in long lines or even camping overnight wasn’t strange at all. But recent studies have found that this trend is in decline. Instead, people are sticking with their old phones.
Explained below are the reasons why keeping an old phone might not be as thrifty in the long run as one might think. They will be followed by some tips on how to stay safe with an older phone in this ever-changing world.
Is it a Good Economic Decision To Buy Latest Smartphone?
As national debts rise in many countries and it becomes harder to stretch a dollar (or whatever preferred currency), people are finding new ways to save. Luxuries are often the first things to get cut - and buying the newest smartphone counts.
It used to be normal and trendy for people to eschew their old phones for the latest phones. However, that trend has been changing over the past few years. People are, now more than ever, holding on to their phones for longer. Even president Trump still reportedly used his old 2012 Samsung Galaxy S3 model up until at least 2017.
In recent years, a huge market has sprung up around old and used phones, especially in China. People are buying up older models and reselling them or buying them from recycling plants to resell the parts. The US government wasn’t all too happy about this, because they found some manufacturers using the old parts in newer models. The security side of the problem isn’t so much about an old LCD screen, but rather around the software these old parts can handle.
There’s nothing wrong with being thrifty of course. But the ideology of capitalism is so deeply entrenched in the mobile manufacturer’s bible that it does pose increased security risks. This is mainly because manufacturers stop focusing on updates for older models after a while. After a certain threshold, the updates start coming slower and slower until they eventually stop. It’s at that point that the phone is no longer safe to use.
Is it fair? Who’s to say, but it doesn’t look likely that they’re going to change their ways any time soon. Not when there are new device models to sell and money to make.
Why Holding Onto an Old Phone is a Risk?
Unless someone is using an old Nokia 3310 from 2000 that can’t connect to the internet, they’re at risk. Most cyberattackers don’t focus as much on hardware these days but mainly look for software exploits to gain access to devices. These exploits usually come in the form of malware and phishing attempts. They can wreak havoc if left unchecked.
Luckily, mobile manufacturers and companies like Google try to stay on top of things as much as they can by finding security holes. Of course, these are sometimes found after an attack has already happened, but companies still try to negate most of the damage. They do this by releasing constant updates for the mobile device’s operating system. Similarly, app developers are also always on the lookout for threats and do the same.
Newer models are usually privy to getting the latest updates first, while older models lag behind and are eventually forgotten. This means that new models are still protected by the manufacturers constantly keeping up with the latest threats. In the meantime, older models are a playground for exploits and privacy invasion.
So for how long is it safe to keep using a mobile device? Interestingly, the answer differs between Apple and Android products.
How Long is it Safe to Keep Using an iPhone?
Apple is slightly better than Android in this regard because they support security updates and patches for known vulnerabilities for up to five years. Which is great, considering they try to get people to buy a new phone at least every two years or so.
Working with the five-year window means that an iPhone 5 from 2012 was safe to use until 2017, and is now a security risk. While an iPhone 6 and iPhone 6 Plus will only be safe to use until roughly the end of this year.
Another thing that counts in Apple users’ favor is that the manufacturer’s iOS is generally considered very secure. Well, more secure than Android, at least.
But that shouldn’t be taken to heart and doesn’t mean that using an old iPhone is completely safe. Because millions of people all over the world use Apple products, making them an alluring target for motivated attackers. Anyone with the means and the will can still find their way in.
How Long Is it Safe to Keep Using an Android phone?
Whereas Apple’s iPhones are pretty standard across the board, Android phones are a whole other doozy of a ballgame. The main issue is that there are so many different Android manufacturers and each does their own thing. Some manufacturers load their own bloatware and software settings onto the phones while some keep the changes minimal.
The problem is, these manufacturers often fail to make sure their devices are loaded with the latest updated version (which is currently Pie). To make matters worse, manufacturers and carriers can also be lax in quickly upgrading their phones to the latest version. Not to mention users themselves who also tend to forget to update their phones. However, luckily, many do let their phones update automatically.
According to Google’s data, about 7.5% of Android users are currently using Oreo 8.1, while less than 0.1% are using Pie. The most used Android version is currently Marshmallow at 21.3%, which released back in 2015 - four years ago. Meaning most people are using an outdated version, putting themselves at risk.
Still, it can be hard to determine the appropriate amount of time to keep using an Android. Most experts agree that three years is probably the general limit. Anyone who goes beyond that is simply looking for trouble since most phones only get updates for around 2 years. And that’s if they get the latest, consistent updates. Which isn’t always the case.
The real answer will differ from one manufacturer to the next, however. Google’s Pixel phones, for instance, are always up to date with the latest version and get updates and security patches as they’re released. Samsung and Huawei aren’t far behind either.
Why Old Smartphones are a Huge Risk to Corporate Security
While most people might only care about how mobile security risks could affect them personally, they aren’t the only targets.
These days, almost everyone carries their mobile around with them everywhere they go, including work. And a lot of workplaces have WiFi that employees can connect to. That’s a big issue when most of the employees are running older OS versions that pose security risks.
Attackers aren’t as motivated to target individuals because it’s a lot of input for minimal reward. But infiltrating a company’s network is an entirely different matter. They can get access to the connected company network through the unsecured phone and then wreak all kinds of havoc.
Currently, one of the most popular motivations behind this type of hacking is holding company data ransom. Also known as ransomware.
Of course, it can be hard for companies to regulate this type of threat. The best they can do is to either limit employees’ access to the network or try to make sure employees update their phones. The latter of which gives them no guarantee.
According to CSO, companies face at least a 28% chance of experiencing data leakage via mobile in the coming year. This is an ongoing problem for most corporate companies with little in the way of relief in the foreseeable future.
Ways to Guard Against Mobile Security Threats
Holding on to an older phone is appealing for many reasons. With a whole eco-friendly movement taking on the wastefulness of the world, it’s also a more environmentally friendly choice. So, many people are sticking to their older phones and will probably keep doing so despite the risks.
The outlook for these mobile device owners isn’t all bleak, however. There are some things one can do to limit the potential security holes an attacker can exploit. The methods outlined below will help both new and old phone owners alike make sure they’re just that much safer.
Use two-factor authentication
Two-factor authentication makes it harder for cybercriminals to breach an account or app, even if they have the login details.
For many years now, companies have used two-factor authentication when employees try to access corporate data, and more are adopting the practice. Most apps and software clients are also switching to this security tool. It provides another layer of security on top of the old username and password authentication route.
Mobile users can also benefit from using this security tool to ward off unwanted login attempts. One form of two-factor authentication is having a soft security token which is either on the mobile itself or can be sent via text. Another, arguably more secure, the method is user biometrics.
There’s been a massive growth in mobile devices that have fingerprint scanners on board. Companies are starting to use this form of security to protect users and their assets whenever they log into websites or apps. Biometric security is set to become an industry standard through an estimated 4.8 billion devices by 2020.
Get a Password Manager
Almost everyone knows what safe password practices are. Things like not using the same password for everything and making the password complex through additional symbols. However, many, if not most, people still stick to simple passwords.
The main culprit here is the mobile typing interface. There isn’t enough space on mobile screens for the keyboard to be fully displayed. So the standard mobile keyboard splits the characters and symbols into tabs, and people often have to search for what they want. That isn’t conducive to good password hygiene. Most of the time, people will stick to what is quick and simple.
That’s why passwords remain a hugely lucrative avenue for malicious actors within the hacking community.
Luckily, honest developers won’t let themselves be left behind, and password-saving managers exist. These password managers employ different methods and encryptions to keep their users’ passwords safe. Someone with a password manager only has to remember one main password that will grant them access to their ‘vault.’ This vault can contain all of their passwords and things like PINs and credit card details.
A password manager generates super long and complicated passwords that a person can use instead for their various accounts. All of these passwords are stored in the vault, so one doesn’t have to remember them. One just has to remember the main password that unlocks it all.
This is a super secure alternative to traditional passwords.
Using a VPN a good idea
Virtual private networks are all the rage right now, and it’s for a good reason. Reliable VPN services will not only make a person anonymous online but also protect them. Most VPNs natively support both Android and iOS devices, and many even offer multiple simultaneous VPN connections.
A VPN is a service that uses security procedures like encryption protocols to offer a secure connection over a network. The service makes use of the existing internet network infrastructure but offers a safe way to access it. There are plenty of VPN services out there, all of whom provide their users with a way to access the internet without fear.
A mobile device with a VPN app (that’s turned on) can access the internet securely through one of many existing encryption protocols. These protocols protect the data going out and coming in through what is known as VPN tunneling via external servers. Essentially, the app encrypts the data before sending it to the VPN server where it’s decrypted again before it’s sent to the website.
This “tunnel” keeps any prying eyes from seeing what’s being sent, even if the phone’s security has become compromised -making this a great option for anyone with a new or older phone. Because even if the attacker has access to the phone, they still won’t be able to access any data sent over the internet, unless it’s from their own app that’s installed on the device, of course.
Before signing up for a VPN service, make sure to do thorough research about what it has to offer. If privacy is a concern, then stay away from free VPN services since there’s no way of telling if they’re safe.
Make sure to keep up with all app and OS updates
OS updates are extremely important for mobile security, but it can be argued that app updates and patches are even more so. This is because Android and Apple have made considerable improvements in their operating systems over the years. They are always on the lookout for fresh threats and working hard to stay one step ahead of the curve.
App developers, however, aren’t as concerned about security threats, in general. And the issue is, most users can’t be sure how secure the app they’re using really is. Using strong encryption methods isn’t always a top priority, and sometimes passwords or other data get sent without being hashed. That poses a significant risk. Anyone who’s peeping in on the connection either via the phone or the network will get that information.
It’s therefore vital to keep all apps up to date with the very latest version. Sure, many of those updates only contain improvements to the app itself. But no one wants to miss out on those updates that contain security patches. Especially on hugely popular apps because they will be the most targeted. It’s much more profitable to target an app that gives one access to a large user base, after all.
Unsafe apps pose the biggest risk to both smartphone users and companies. The digital-dependant generation is now taking leading positions in top companies, and they are all using their phones. Employees that access company information via their phone can give cybercriminals all the info they need without even realizing it.
Some things in the world of tech move incredibly fast and develop daily, especially in the field of cybersecurity. But not everyone is keeping up.
There’s a rising trend of using phones for longer, which is normal given the current economic climate as well as increased environmental awareness. However, mobile manufacturers keep pushing people to buy new models.
One of the methods they employ is through security updates that no longer support older devices. And this causes problems for both individual and corporate security.
If you would like to know more ways to keep your data safe, check our list of 13 ways to secure your phone.
Latest Articles on our blog
Noise Shots X3 are an affordable pair of wireless earphones from Noise. In this article we take a look at what all it offers and can we call it the best wireless earphones under 3000 in India?
Everyone loves music and In this article, we bring you the list and brief reviews of best headphones and earphones under 3000 in India 2019. This list has both earphones and headphones. Both wired and wireless bluetooth earphones/headphones have been covered in this article from brands like Sony, Samsumg, JBL, boAt and Motorola. The price range varies from 2000 to 3000 rupees.
A list of top 8 best earphones under 1500 and 2000 available in India as of September 2019. Best earphones from brands like Sony, JBL, Noise, Sennheiser, and bOAT have been listed in this article. All these earphones have excellent sound quality and provide an immersive listening experience.
This article helps you with the list of 7 best Bluetooth speakers under 1000 & 1500 in India 2019. Portable BT speakers from F&D, Portronics, Zoook, boAt, Logitech, Blaupunkt and iBall have made it to the top 7 list. We have covered review of each of these speakers along with basic details of the design and battery life.
In this article, we bring you the list of best bluetooth speakers under 2000 in India 2019 which deliver great quality sound with high bass. This list consists of Bluetooth speakers from Blaupunkt, Logitech, Portronics, Boat, JBL and Zoook, alongwith their reviews, specs, features and pros cons..