Encrypting Cell Phones

Cell Phone Security: Encryption

With the increasing use of mobile devices such as smartphones comes accompanying risks, such as the potential for sensitive data loss via stolen or lost devices or via unauthorized access. One way to protect smartphone data is with encryption. Encrypting data can help users avoid identity theft and the loss of sensitive data. Encryption can also help institutions meet compliance guidelines for state and federal regulations, as well as mitigate financial risk. As with encryption for other devices, products are available that range from built-in operating system capabilities to those provided by third-party vendors.

Considerations in Selecting Encryption Software for your Cell Phone

Cost: not many native encryption options are available, and most of the free or low-cost alternatives are intended for individual use, and not as an enterprise solution. If an individual option is chosen, there is likely to be no way to centrally manage such a resource. Conversely, enterprise-scale options are likely to be expensive.

Support: most enterprises choose to support one smartphone operating system, such as the BlackBerry OS, but may have certain users that use different devices like the Apple iPhone or Android phone. An encryption product that is available for multiple platforms is preferable to one that is only available for one type of device.

Ability to manage devices centrally: as noted by Dave Shackleford, “the ability to centrally manage policies for smartphone encryption, as well as monitor the status of each phone’s encryption in real time, is often a necessity for enterprises with numerous devices”. As well, there may be compliance requirements for logging and reporting. Finally, managing encryption keys is most often a part of an enterprise-level product.

Encryption for Android, Blackberry, and iOS Devices (including the iPhone)


Out of the box, Android phones do not come with encryption software. (The current exception to this is Android Pro, which supports encryption by default). As with other handhelds, there are third party applications that will allow a user to encrypt data or the device itself. TouchDown can encrypt data at rest as well as attachments on an SD card. WhisperCore is another Android app that offers full-disk encryption, encrypted backups, and fine-grained control over what data apps have access to. Good for Enterprise offers over-the-air and on-device encryption of enterprise data. Trust Digital, via policies pushed to the device, can encrypt user email, contacts, calendars, and documents. Other third-party alternatives offer options such as the ability to create an encryption vault. Individuals or units with Android users, who in turn will be storing or accessing sensitive data belonging to the University, either on or via their Android phone, should consult with the Information Security Office (security@unc.edu, 919 445-9393) to determine how best to secure these devices.


Blackberry phones, as of version 4.2 of the Blackberry OS and later, can encrypt data on the device. Users have the option to encrypt emails, contacts, browser cache, and other data. Note that if user contacts are encrypted, incoming caller ID will not be available.

Follow this procedure to encrypt data on the device.

1. Click Options.

2. Click Security Options.

3. Click General Settings.

4. Set Content Protection to Enabled.

You can also encrypt SD cards by proceeding as follows.

1. Click Options.

2. Click Media Card (note that in some OS versions, you must first click Advanced Options, then click Media Card).

3. Set Encryption Mode to either Device, Security Password, or Security Password & Device.

Blackberry also publishes a Guide to Mobile Security.

iOS Devices (including the iPhone)

As of iOS 4.x through iOS 7.x which includes the iPhone 3GS, iPhone 4, iPhone 5, iPad, and iPod Touch (3rd generation or later), Apple devices supported key security features such as hardware encryption. These devices offer a built-in whole disk encryption utility. With data protection enabled, the hardware encryption keys can be secured with the user’s password. To use the whole disk encryption utility, first verify that data protection is enabled:

1. Tap Settings.

2. Tap General.

3. Tap Passcode Lock.

4. Verify that “Data protection is enabled” is displayed at the bottom of the screen.

In the event that data protection is not enabled, you can enable it as follows.

1. Tap Settings.

2. Tap General.

3. Tap Passcode Lock.

4. Tap in a passcode.

5. Tap in the same passcode.

In addition, Apple publishes Understanding data protection, which explains how to enable and verify data protection on iOS 4 or later devices.

Third Party Vendors for Encrypting Cell Phones


GSMK CryptoPhones



TextSecure (Whisper Systems)

Best Practices for General Cell Phone Security

Be aware of the possibility of theft. Cell phones are small and easily misplaced or lost. If an individual steals your cell phone, it may be only a matter of time before even the best secured device is compromised.

Be aware of the risks of “Social Engineering”. If you are making a phone call that involves sensitive information, for example, a credit card number, be sure that no one can overhear you and use the information fraudulently or commit identity theft.

Contact your cell phone provider as soon as your cell phone is lost or you think it’s been hacked. If the cell phone has been provided by your department, contact your Information Security Liaison. If you don’t know who your Information Security contact the Information Security Office (security@unc.edu, 919 445-9393). At a minimum, if your cell phone is lost or stolen you’ll want to discontinue service immediately before the thief can run up a big bill.

Password protect your phone. Use a strong password (minimum of 8 charactes, with a mixture of numbers, symbols, and upper and lower case letters).

Turn off Bluetooth, unless you need it. Disabling the Bluetooth service will significantly decrease a hacker’s opportunity to wirelessly hack into your phone.

Obtain and install anti-virus software, if it’s available for your model, and keep it updated. New malware is created every day, so it’s important to have anti-virus software on your cell phone.

Don’t accept files and text messages from individuals you do not know. You wouldn’t download an attachment to an email you received from a stranger to your desktop or laptop computer. For the same reason you want to be very careful about opening unsolicited files and text messages on your cell phone.

Obtain and install encryption software for your cell phone, if available.