Most apps ask for permissions they don't need. Twenty minutes to lock them all down.
Every app you install asks for permissions: contacts, photos, microphone, location, camera. Most apps ask for things they don't need — a torch app wants your contacts, a calculator wants your photos. Twenty minutes once a year to audit them lifts your privacy enormously without breaking anything you actually use.
On iOS: Settings → Privacy → Location Services. On Android: Settings → Location → App permissions. Go through every app. Maps, ridesharing, food delivery, weather: set to While Using. Everything else: Never. Social media apps especially — they don't need to know where you are when you're not opening them.
Settings → Privacy → Microphone (iOS) or Settings → Apps → Permission Manager → Microphone (Android). The list of apps with mic access should be: Phone, Voice memos, Zoom, Teams, Camera, maybe a music app. If anything else is on the list, deny it. The 'is my phone listening to me?' anxiety usually goes away after this audit.
Modern iOS and Android let you grant an app access to specific selected photos instead of your whole library. Use this. Instagram, Facebook, Slack don't need to see every photo you've ever taken. Most apps work fine with 'Selected Photos' instead of 'All Photos'.
If WhatsApp or Signal has your contacts, OK — that's how they show you who else uses the app. Beyond that, very few apps need your contacts. Deny by default. Apps that genuinely need it will pop a friendly prompt asking again; non-essential ones will just continue working without it.
Settings → General → Background App Refresh (iOS). Most apps don't need to update in the background — they can refresh when you open them. Disabling background refresh for non-essential apps saves battery, reduces data use, and stops apps from quietly doing things you didn't ask for.
Some apps ask for Bluetooth permission to track you across stores via in-store beacons (your phone's Bluetooth ID is a unique identifier even when not connected to anything). Unless an app obviously needs Bluetooth (Apple AirPods, fitness tracker, smart watch), deny it.
App permissions is one part of mobile hygiene. Read the rest.
Business phones can have permissions managed centrally via Intune — bulk-deny categories of permissions across the fleet, push-update sensitive app policies, wipe a lost device remotely. whedo.it bundles this as part of the M365 Business Premium baseline.
A Support Representative will get in touch.
A Support Representative will be in touch the same business day.
No deck, no pitch — walk your environment with a senior Australian practitioner. Confidential by default.
I built this business because I wanted to do Managed services properly — for a small number of clients, at a senior level, with the same person on the end of the phone every time. The work is too important and the stakes are too high for anything less.
Behind the formal qualifications: a Cyber Security degree from the University of the Sunshine Coast, currently working on my Master’s, plus a continuous stack of Microsoft, Acronis and Nerdio certifications — the ones that have to be renewed because the threats don’t stay still.
Behind the certifications: thirty years of doing the work. I cut my teeth in consulting, then went to Cisco on the team building the original iPhone — Cisco’s VoIP handset, the trademark Apple later acquired in the 2007 settlement. At TPG in 1999 I sold frame-relay networks when frame-relay was the cutting edge of business connectivity. I built and sold a Sydney-based MSP called Online IT before relocating to Perth.
Three decades of watching what’s actually changed and what hasn’t. The technology has changed almost beyond recognition. The principles haven’t. Identity first. Backup that has actually been tested. A senior practitioner who knows your environment. Calm in an incident. Honest answers when the answer is “no.”
That’s whedo.it. That’s the brief. That’s why long-tenure clients don’t leave.
— Warren Ephron, Director