Private Photos You Thought You’d Deleted Could Still be There: How to Secure Your Data
Your smartphone is your companion for the most private moments. In fact, over time, our phones end up collecting a staggering amount of private data, including photographs that you would not want the world to see, screenshots of bank transactions, images linked to your workplace, and so on. Given how the world is today, data is a valuable currency, and any digital file can be potentially tracked down to their owners, leading to a variety of unforeseen outcomes. Identity theft, counterfeit activities and lewd modification of personal files are just the tip of the iceberg in terms of what can happen to your personal files, if you do not take good enough care of them.
As general practice, it is always ideal to NOT keep sensitive files, such as private photographs and important images, on your phone. There are myriad reasons for this, the foremost of which is cyber security. Malware such as Pegasus have already showed how sophisticated tools can gain root level access to all your device files. However, for the sake of convenience, it is not always possible to delete all locally stored files from your phone.
In such cases, ensure that you do a monthly hygiene check on your phone. Identify all files that may seem sensitive, in the sense that they can compromise your privacy, identity, financials and other related aspects. If you do not plan to reset or switch your device any time soon, transfer these sensitive files to your PC, and into a folder or a drive volume purely dedicated to storing private files. Once you transfer the files, there are multiple steps that you can follow in order to give them a higher grade of security.
The first of the options is to use a third party software, such as BitLocker. These applications offer an assisted interface towards encrypting sensitive data. While this is not a 100 percent failsafe procedure, it still makes your data significantly more secure, and helps you protect it from most remote access threats. These procedures will hold up and keep you safe, as long as you stay safe from any keylogger infecting your device.
The second of the options is an integrated feature available through Microsoft’s Windows OS. The Encrypting File System (EFS) procedure is built into the advanced folder settings on Windows, and to use it, you will require a dedicated USB flash drive to store your security certificate. To access it, you can click on the ‘advanced’ tab of a folder, select ‘encrypt stored files’, and follow the on-screen instructions. Alternately, cyber security blog Comparitech has a fully guided procedure that you can follow to encrypt files locally on Windows.
It is also important to note that by simply selecting ‘permanently delete’ on your sensitive files, they may still be traced (albeit with difficulty) by savvy users, even after you reset all data on your device. You may choose to do so before selling your smartphone, or exchanging it for a new one. Multiple apps such as Recuva, DiskDigger and Android Data Recovery can retrieve files that have been deeply deleted, and while these can be a boon when you are trying to recover data, it can be a privacy risk as well.
To keep yourself safe from this, there are two key steps to adapt. One, encrypt your phone before you factory reset your phone that deletes all data. This ‘hashes’ files on your phone, and ensures that any leftover data recovered after a reset is mostly garbled. The second and equally effective option is to set your phone up (without entering email or any relevant details), and subsequently storing generic files on your phone’s internal storage, for as long as the internal flash drive does not get entirely filled up. Performing a second factory reset after this ensures that no personal files are accidentally cached, and hence, are entirely un-recoverable.