My Mobile Security

By: Scott Skarbowski

Mobile security is in my thoughts almost all day every day. I have a virtual gig at a tech company that partners with ministries, of which many are missionary groups that work overseas.Mobile security needs are high. This security must be looked at from 3 perspectives: the person and behavior, the device, the applications.

For the person, keeping your information secure requires changing how you think. It’s your job to keep your PII safe and any other PII you might be in possession of.

What is PII? It is your Personally Identifiable Information. See this link from The Department of the Navy:

Wikipedia has a good page on this also at .

Note: non-sensitive PII can be used against you in hostile environments, secure that also!

The person must observe different behaviors. You are exposed in a hostile environment. Turn off the device while not in active use. Password protect the device. Encrypt the device. Secure it on your body. Pay attention to your surroundings. Walking heads down messaging on your iPhone, not paying attention- makes you a target here and abroad. Your device is unlocked and readily accessible, you are a target. Locally we think of securing possessions, abroad we think about securing identity. Christians are killed for being Christian. Secure both here and there.

Great information for handling the mobile device can be found on Mobile Ministry Forum website listed below- A Must See Video!Really- MUST SEE!

There is no security through obscurity and you can put others at risk.

Change your online habits, Google, Twitter, Facebook and Apple Devices track you, stop using them.

I create throwaway email aliases for use in foreign countries. One simple command and all content access is removed, just burn the box. It’s hosted in the cloud so no IP mapping to give away identity.

For the device, encrypt it now and use very strong passwords.

This is a good link to start with for password strength.

There are apps that rotate the on screen keypad so patterns can’t be recognized.

Pattern locks are defeatable (with court orders). Fingerprint unlocks can be required by police.

Hongkiat.com has a good article on tightening security here:

Plug the holes. You should strip all apps off the device that are not necessary, even professional apps often leave ways in. Keep your apps and OS updated.

I believe in rooting phones. I believe “If I can’t take it apart- I don’t really own it.”Remove all unnecessary programs.

Turn off your Bluetooth and Wi-Fi until needed.

Don’t use public Wi-Fi without securing it.

There are many ways of eavesdropping and tracking people and use, even pulling data from mobile photos.

Check out here to remove EXIF Data from photos.

The most important point to remember for hardware is to ENCRYPT, PASSWORD PROTECT and TURN OFF when not in use. It solves most security issues.

For the Applications,you need to use secure apps alternatives. If it is not shown for your device search for it anyway.

MMF ( also has a good list of Mobile Apps under Cross-Cultural Outreach.

LINUX Format has Android suggestions.

Cybermissions has a powerpoint that suggests apps and it’s current.

Orweb and Onion will protect and secure your online identity.

Phony will hide the fact that you are on a phone.

Redphone make encrypted internet calls.

ChatSecure encrypts instant messages.

DuckDuckGo was a non-tracking search engine.I don’t trust it anymore.JUST SAY NO!

Startpage is a private search engine that you can pull up in any browser.

Instant EXIF Remover App removes GPS, TIME and ID info from photos.

Use a VPN (A virtual private network (VPN) extends a private network across a public network, such as the Internet) many missionaries use LogMeIn Hamachi.

VyprVPN looks solid and get good review. For Windows, Mac, iOS and Android.

You can use a simple network packet sniffer to see if anyone is on your private network with you. Here are 3

Packet Sniffer by Android Arts

Shark for Root: has a 4 star rating out of 5

CloudShark Appliance

Don’t use Skype it is not secure!

Vsee is very popular for video calls and it’s used by the medical missions.

CyanogenMod is a current and secure android operating system for free! Great for new and older droids.

I own Macs and iphones. I’m a programmer and I test on them. I don’t like them. I’m an Android guy, so this might seem off balanced. If you’re a Mac user check out Macworld’s article on how the NSA secures its Macs for ideas. For iPhones check out some thoughts McAfee has. I don’t know anybody who uses McAfee and doesn’t remove it, but the security tips are good.

Some Last Thoughts:

You can secure your personal habits, your device and apps.

Don’t use face and voice for security access. They are easily hacked. Don’t use fingerprints or gestures, governments have control over access.

Don’t store all of your passwords on your device.

Root your phone and control what is allowed on it.

Use very strong passwords and encryption. If you phone is lost or stolen your data is secure and you are safe.

When in doubt turn your phone OFF. That deletes the working encryption key in memory, yes it is possible to freeze a phone and pull the encryption key to access the data it’s expensive but possible.

Pull the battery to prevent tracking.

Use secure browsers and “startpage” for general internet use.

Use VPNs whenever possible and when security is required.

Check your Wi-Fi. Know who is actively watching you. You are being watched passively.

Apps open security windows with permissions. Remove every app you don’t need. Don’t install apps without thinking about the permissions you are agreeing to. App programmers are sloppy, others will exploit it. Banking apps are very unsecure!

As a Christian I tend to behave like I am an ambassador in enemy territory.

Be alert and of sober mind. Your enemy the devil prowls around like a roaring lion looking for someone to devour. (1Peter 5:8 NIV)