I know it's an odd question, but where I live phones get stolen often. My phone doesn't have the option for an eSim, which is a problem because 90% of the time when a thief steals a phone they take out the SIM card immediately, meaning I wouldn't be able to remotely lock or wipe my phone.
Should I consider glueing the SIM tray shut? Or are there alternative less permanent measures I can take to keep my device secure?
If I was stealing phones, I'd probably ditch the SIM first too.
Wouldn't want connectivity that will follow me around.
If removing the SIM fails, they'll either:
panic and scrap it on the spot / throw it as far as they can
calmly sigh and dump it in a metal can or mesh bag for later
Either way, you're probably never seeing this phone again after it gets stolen.
As such, I'm assuming the main focus is on protecting the data on it, more than the thing itself.
First thing to do is to encrypt it.
Remote lock? Your phone should already be locked if it's not in your hand.
Disable all the features that unlock your phone when at home and other shenanigans.
Encrypted and locked means someone who gets their hands on it is much less likely to log into everything and make your life hell.
A thief probably won't bother breaking encryption.
A lettered gov agency probably maybe might, but that's a whole different topic.
Remote wipe is never guaranteed anyway.
Faraday cages are utterly simple.
A phone thief wants money.
Your saved passwords, accounts, bank app, stuff like that are prime targets.
After that they could sell the phone or its parts.
There's honestly very little advantage to gluing your SIM tray and it's gonna suck for you when you change providers or they issue you a new SIM for some reason.
Don't leave your phone unlocked.
Don't leave your phone unattended.
Encrypt it.
Lock it.
Keep it updated.
I honestly wish traditional SIMs would die already, along with SMS-based and email-based 2FA.
TOTP 2FA is fine the others are mostly smoke and mirror.
I assume in your case the vast majority of phone thefts are to resell the device, not to obtain any information of the device.
I wouldn't see this as keeping it secure, It will not prevent theft. It may prevent the resale of the phone but that just means they will destroy it in short order.
If theft of data is the issue, they still have physical possession of the device...
True, the vast majority are to resell or sell for parts, but there are data breaches occasionally as well. My idea is to keep the phone online with the SIM inside long enough for me to login to find my remotely and wipe the phone, that way it'll be wiped and locked down, only useful for parts in that scenario
If they are smart enough to know to pull the sim immediately, caring a faraday bag would be my go to as a thief. Lift phone, immediately place in bag. Open while inside a shielded space. Strip phone for parts.
Job done.
If it is a data breach you are worrying about, the only real solution (and it is a terrible, incredibly limiting one) is to store nothing sensitive locally on the phone that is not encrypted.
No. It’s the Apple or Android account that is logged into the phone and whether it is connected to a mobile or WiFi network that will determine if you are able to remotely wipe it or not. They could remove/replace the sim but the next time it connects to one of those networks and has an internet connection, the remote wipe command will activate.
Your phone should always be locked with a pin, Face ID etc. if it isn’t the person can just log in to it and access all of your data or factory reset it.
Depending on how old the phone is, this is less of an issue than you or others here think it is. Starting a few years ago, android at least can't simply be wiped and set back up from scratch. Manufacturers/Android did this in response to the increase in phone thefts. Iirc, this had a significant impact on the number of phones being stolen as an opportunity theft. If someone targets you, that's a different story.
As others have said. Make sure encryption is turned on and that it's setup with a pin. If you really are concerned then make sure the time out to lock is set to as low as possible and never have it unlocked if it's not in your hands.
That’s a possibility, but if it’s locked they won’t be able to log into it to access your data or factory reset it, which will make it essentially worthless to them.
Gluing the SIM card tray will add to that worthlessness but will also prevent you from being able to legitimately sell, trade or give away the phone.
A Faraday cage is a pretty low tech and ubiquitous way to keep anything offline regardless.
They come in convenient travel bag formats these days, but an old metal can will do.
Newer phones aren't worth stealing anymore (for the most part). New features at the bootloader level (pm android at least) prevent you from simply wiping the phone and using it. When you wipe it, you still need to have the pin that the last owner/user setup or else it's just a paper weight.
I dealt with this myself not long ago. I gave my step daughter my pixel 5a when I upgraded to a 7pro and she still needed my pin to set it up.